TF 0411 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Auditing should be enabled on Azure SQL Databases
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | database |
| Provider | Azure |
| Vulnerability Type | omission |
Description
Azure SQL Databases are configured without auditing enabled, which means actions and access to the database are not being logged. This lack of auditing makes it difficult to track activity or spot unauthorized or suspicious behavior.
Impact
Without auditing, unauthorized access or malicious actions may go undetected, making it harder to investigate incidents, comply with regulatory requirements, or identify security breaches. This can lead to data exposure, compliance violations, and increased risk of undetected attacks.
Resolution
Enable auditing on Azure SQL databases