Skip to content

cis_2_1_26 — Defender for Azure Cosmos DB enabled

Summary

Severity: Medium · Pillar: Data · Chain role: ENABLER

Description

Defender for Cosmos DB detects SQL injection, suspicious access patterns, and potential data exfiltration from Cosmos DB accounts.

Mapping

Framework Control / Reference
NIST 800-53 SC-7
NIST 800-207
CIS Azure 2.1.26
MITRE ATT&CK Technique T1530
MITRE ATT&CK Tactic Collection
Zero-Trust Tenet
Framework tags cis-azure-2.0, nist-800-53

Source

Rule defined at policies/azure/cis/defender/cis_2_1_26.rego.

View on GitHub