Reported incidents should be closed in Microsoft Defender

TEST-145: Reported incidents should be closed in Microsoft Defender
What This Test Checks
Remediation

TEST-145: Reported incidents should be closed in Microsoft Defender

Checks that incidents detected in Microsoft Defender are closed and resolved. Integration: Azure SLA: 7 days Responsible Role: InfoSec Officer / CISO

This test runs automatically when the integration is connected. Results appear in your Tests dashboard with pass/fail evidence and timestamps.

What This Test Checks

This automated compliance test verifies that your Azure environment meets security best practices. When DSALTA detects a failure, you will receive an alert with remediation guidance.

Remediation

Content coming soon. This page will include step-by-step remediation instructions.

Azure Defender should be enabled Azure flow logs should be captured

Getting Connected

Identity Providers

Cloud Infrastructure

Code Repositories

Security & Monitoring

Databases

SaaS & Productivity

Reported incidents should be closed in Microsoft Defender

TEST-145: Reported incidents should be closed in Microsoft Defender

What This Test Checks

Remediation

Getting Connected

Identity Providers

Cloud Infrastructure

Code Repositories

Security & Monitoring

Databases

SaaS & Productivity

​TEST-145: Reported incidents should be closed in Microsoft Defender

​What This Test Checks

​Remediation

TEST-145: Reported incidents should be closed in Microsoft Defender

What This Test Checks

Remediation