This article was originally posted on the Microsoft Azure Blog.
We are excited to announce that this week we have made Advanced Threat Protection available for public preview on Azure Storage Blob service. Advanced Threat Protection for Azure Storage detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit storage accounts.
The introduction of this feature helps customers detect and respond to potential threats on their storage account as they occur. For a full investigation experience, it is recommended to configure diagnostic logs for read, write, and delete requests for the blob services.
The benefits of Advanced Threat Protection for Azure Storage include:
- Detection of anomalous access and data exfiltration activities.
- Email alerts with actionable investigation and remediation steps.
- Centralized views of alerts for the entire Azure tenant using Azure Security Center.
- Easy enablement from Azure portal.
How to set up Advanced Threat Protection
- Launch the Azure portal.
- Navigate to the configuration page of the Azure Storage account you want to protect. In the Settings page, select Advanced Threat Protection.
- In the Advanced Threat Protection configuration blade:
- Turn on Advanced Threat Protection.
- Click Save to save the new or updated Advanced Threat Protection policy.
Get started today
We encourage you to try out Advanced Threat Protection for Azure Storage and start detecting potential threats to your storage account. Learn more about Advanced Threat Protection for Azure Storage on our getting started page.