Verify that That Microsoft Defender for App Services Is Set To 'On'

Framework Reference: A.8.16 Integration: Azure – Microsoft Defender for Cloud

Why this matters

Microsoft Defender for App Service provides built-in threat detection capabilities for Azure App Services, including web apps and APIs. It uses threat intelligence from the Microsoft Security Response Center (MSRC) to identify anomalies and suspicious activity. Without this protection, application services are more vulnerable to exploitation, misconfigurations, and targeted attacks.

What this check does

Check Logic

Verify that Microsoft Defender for App Services is enabled by confirming the pricing tier is set to Standard.

Applies to

• Azure App Service

• Web Apps

• Azure Functions under App Service

How to fix it

Azure Portal

1. Navigate to Microsoft Defender for Cloud

2. Under Management, select Environment Settings

3. Click on your subscription name

4. Go to the Defender plans blade

5. Set App Service to On

6. Click Save

Azure CLI

az security pricing create -n AppServices --tier 'standard' 

PowerShell

Set-AzSecurityPricing -Name "AppServices" -PricingTier "Standard"

Exceptions

None

Further resources

• Microsoft Defender detection capabilities

• Azure REST API – Pricing Update

• Azure REST API – Pricing List

• PowerShell: Get-AzSecurityPricing

• Azure Security Benchmark: LT-1