| Plugin Title | Security Contact Additional Email |
| Cloud | AZURE |
| Category | Defender |
| Description | Ensure Additional email addresses are configured with security contact email. |
| More Info | 'Microsoft Defender for Cloud emails the Subscription Owner to notify them about security alerts. Adding your Security Contact's email address to the Additional email addresses field ensures that your organization's Security Team is included in these alerts. This ensures that the proper people are aware of any potential compromise in order to mitigate the risk in a timely fashion. |
| AZURE Link | https://learn.microsoft.com/en-us/azure/defender-for-cloud/configure-email-notifications |
| Recommended Action | Modify security contact information and add additional emails. |
- Log in to the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for "Microsoft Defender for Cloud".
- On the "Microsoft Defender for Cloud" page, scroll down the left navigation panel and choose "Environment Settings".
- On the "Environment Settings" page, select the "Subscription" by clicking on the "Name".
- Under the "Settings | Defender plans " page, click on the "Email Notifications".
- On the "Settings | Email notifications" page under "Email recipients" if the "Additional email addresses (separated by commas)" is empty then the security contacts additional are not configured to be sent to the admins.
- On the "Additional email addresses (separated by commas) section add the additional email addresses.
- Under "Notification types" select "High" from the dropdown next to "Notify about alerts with the following severity (or higher). Click on the "Save" button to make the changes.
- Repeat step number 3 - 8 to ensure to ensure that email notifications are configured to be sent to subscription owners.
