TF 0500 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
At least one email address is set for threat alerts
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | database |
| Provider | Azure |
| Vulnerability Type | omission |
Description
The security alert policy for Azure SQL Server is configured without any email addresses, meaning threat detection alerts will not be sent to administrators or security teams. This results in a lack of immediate notification when suspicious activity is detected.
Impact
Without email notifications for threat alerts, critical security incidents may go unnoticed, delaying response and mitigation. This increases the risk that attackers can exploit vulnerabilities or exfiltrate data without timely intervention, potentially leading to data breaches or compliance violations.
Resolution
Provide at least one email address for threat alerts
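
The resolution above expressed as Terraform, as an added example that is not part of the original wiki entry. It assumes the azurerm provider's `azurerm_mssql_server_security_alert_policy` resource; the variable names, resource labels and mailbox address are placeholders.

```hcl
# Constructed example. The two resources are alternatives for the same server:
# keep only one of them in a real configuration.

variable "resource_group_name" {
  type        = string
  description = "Resource group of the existing SQL server (placeholder input)."
}

variable "sql_server_name" {
  type        = string
  description = "Name of the existing Azure SQL server (placeholder input)."
}

# Flagged: the alert policy is enabled, but the recipient list is empty,
# so detected threats are recorded without anyone being notified.
resource "azurerm_mssql_server_security_alert_policy" "no_recipients" {
  resource_group_name = var.resource_group_name
  server_name         = var.sql_server_name
  state               = "Enabled"
  email_addresses     = []
}

# Passes: at least one address receives threat alerts.
# Use a monitored team mailbox rather than an individual's inbox,
# so alerts are still read when staff change.
resource "azurerm_mssql_server_security_alert_policy" "with_recipients" {
  resource_group_name = var.resource_group_name
  server_name         = var.sql_server_name
  state               = "Enabled"
  email_addresses     = ["secops@example.com"] # placeholder address
}
```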