Set Microsoft Defender for APIs to the Standard tier#
Security · Microsoft Defender for Cloud · Rule · 2023_12 · Critical
Enable Microsoft Defender for APIs.
Description#
Microsoft Defender for APIs provides additional security for APIs published in Azure API Management.
Protection is provided by analyzing onboarded APIs. Which allows Microsoft Defender for Cloud to produce security findings.
The inventory and security findings for onboarded APIs is reviewed in the Defender for Cloud API Security dashboard.
These security findings includes API recommendations and runtime threats.
Defender for APIs can be enabled together with the Defender CSPM plan, offering further capabilities.
Microsoft Defender for APIs can be enabled at the subscription level.
Recommendation#
Consider using Microsoft Defender for APIs to provide additional security for APIs published in Azure API Management.
Examples#
Configure with Azure template#
To deploy and enable Defender for APIs configurations that pass this rule:
- Set the
properties.pricingTier
property to toStandard
. - Set the
properties.subPlan
property to a plan such asP1
. Other plans are available, currently these are:P1
,P2
,P3
,P4
, andP5
.
For example:
{
"type": "Microsoft.Security/pricings",
"apiVersion": "2023-01-01",
"name": "Api",
"properties": {
"subPlan": "P1",
"pricingTier": "Standard"
}
}
Configure with Bicep#
To deploy and enable Defender for APIs configurations that pass this rule:
- Set the
properties.pricingTier
property to toStandard
. - Set the
properties.subPlan
property to a plan such asP1
. Other plans are available, currently these are:P1
,P2
,P3
,P4
, andP5
.
For example:
resource defenderForApi 'Microsoft.Security/pricings@2023-01-01' = {
name: 'Api'
properties: {
subPlan: 'P1'
pricingTier: 'Standard'
}
}
Configure with Azure CLI#
To enable Microsoft Defender for APIs:
- Set the
Standard
pricing tier for Microsoft Defender for APIs.
For example:
Configure with Azure PowerShell#
To enable Microsoft Defender for APIs:
- Set the
Standard
pricing tier for Microsoft Defender for APIs.
For example:
Notes#
Currently only REST APIs published in Azure API Management is supported. Not all regions are supported.
Links#
- SE:10 Monitoring and threat detection
- What is Microsoft Defender for Cloud?
- Overview of Microsoft Defender for APIs
- Support and prerequisites for Defender for APIs
- Onboard Defender for APIs
- Quickstart: Enable enhanced security features
- Azure security baseline for API Management
- LT-1: Enable threat detection capabilities
- Azure Policy built-in policy definitions
- Azure deployment reference