Azure Defender for Key Vault just released!

As the service owner, I am super excited to share that Azure Defender for Key Vault is now generally available!

It is really One Microsoft experience to work closely with Azure Security Center and Azure Key Vault team to launch this service. Also personally, I grew up a lot after going through the Machine Learning algorithm improvement, infrastructure refactoring, BCDR and privacy policy compliance, cost reduce, monthly business review(MBR), customer feedback investigation.

It is indeed a challenging and inspiring work to wake me up every day.

What is Azure Defender for Key Vault

https://docs.microsoft.com/en-us/azure/security-center/defender-for-key-vault-introduction

Customers are using Azure Key Vault to store the most sensitive information in their Azure environment: keys, passwords, secrets and certificates for all of their Azure resources. By achieving this data, attackers may be able to perform lateral movement and breach other resources in the customers Azure environment.

Azure Defender for Key Vault is a cloud-native, breadth threat protection suite – gives customers additional layer of protection for the precious secretes stored in the Key Vault by helping the SOC team to detect suspicious activities in their Key Vaults and protect the entire Azure environment.

How to Enable Azure Defender for Key Vault

Enable it from Azure Key Vault

In Key Vault’s Security page, click “try it for the first 30 days”
Enable it from Azure Security Center

https://docs.microsoft.com/en-us/azure/security-center/security-center-pricing#enable-azure-defender
1. From Security Center’s main menu, select Pricing & settings.
2. Select the subscription that you want to upgrade.
3. Select Azure Defender on to upgrade.
4. Select Save.
Below is the pricing page for an example subscription. You’ll notice that each plan in Azure Defender is priced separately and can be individually set to on or off. Make sure it is on for Azure Key Vault.