Microsoft Defender for Storage with Malware Scanning and Sensitive Data Threat Detection

What does this mean?

Microsoft Defender for Storage provides advanced threat detection for Azure Storage accounts, including malware scanning on uploaded blobs and detection of sensitive data exposure. This recommendation ensures these features are enabled.

Benefits of implementation

• Automatic malware detection on uploaded files
• Detects exposure of sensitive data (PII, credentials)
• Near real-time threat detection for storage operations

Drawbacks and considerations

• Per-storage-account cost for Defender for Storage
• Malware scanning adds processing overhead
• Large volumes of uploads may increase costs significantly

Implementation

Implementation guidance coming soon.

Related recommendations

Related recommendations will be linked here.