Description:

Microsoft Defender for App Services is a security feature in Microsoft Defender for Cloud that protects your Azure App Service apps. When turned on, it scans your web apps for vulnerabilities, unusual activity, and potential attacks. It helps detect issues such as misconfigurations, malicious behavior, and known security weaknesses. Enabling this feature ensures that your web apps are always being checked and protected from common threats.


Rationale:

Turning on Microsoft Defender for App Services is important because it:

  • Improves security by detecting vulnerabilities and suspicious activity in real time.

  • Helps with compliance by providing continuous security checks.

  • Reduces risk by identifying potential problems before attackers can exploit them.

  • Prevents breaches by sending alerts when something unusual or dangerous happens.

In short, it gives you better protection and more visibility into the security of your web apps.


Impact:

When Defender for App Services is enabled:

  • Your web apps are continuously monitored and better protected.

  • You get detailed insights into threats, vulnerabilities, and risky behaviors.

  • You may receive more security alerts that need attention.


Default Value:

By default, Microsoft Defender for App Services is usually off.
You must turn it on manually in Defender for Cloud or through policy automation.


Pre-requisites:

  • Azure subscription with Microsoft Defender for Cloud enabled.

  • Global Administrator or Security Administrator permissions to enable and configure Microsoft Defender for App Services.


Test Plan:

  1. Sign in to the Azure Portal.

  2. Search for Microsoft Defender for Cloud.

  3. Under the management section, select Environment settings.

  4. Scroll down and select the subscription where your App Service is deployed.

  5. In Cloud Workload Protection (CWPP), locate the App Service and check whether Microsoft Defender for the App Service is ON or OFF.

  6. If it is OFF, follow the Implementation Steps.
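
The same check as the Test Plan, run from the command line across several subscriptions instead of the portal. This is an added example, not part of the original page; it assumes the Azure CLI (`az`) is installed and signed in, and the function names and the RUN_AUDIT variable are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: audit the Defender for App Service plan with the Azure CLI.
# Assumes `az` is installed and signed in (az login) with read access to the
# Defender for Cloud settings of each subscription being checked.

# Print the pricing tier of the AppServices plan for one subscription.
# "Standard" means the plan is ON, "Free" means it is OFF.
appservice_tier() {
  az security pricing show --name AppServices --subscription "$1" \
    --query pricingTier --output tsv 2>/dev/null
}

# Map a tier to the ON/OFF state shown under Environment settings.
tier_to_state() {
  case "$1" in
    Standard) echo ON ;;
    Free)     echo OFF ;;
    *)        echo UNKNOWN ;;   # empty or unexpected output, e.g. the query failed
  esac
}

# Audit every subscription ID passed as an argument.
# Prints "<subscription> <state>" per line; returns 1 if any is not ON.
audit_appservice_defender() {
  local sub tier state rc=0
  for sub in "$@"; do
    tier=$(appservice_tier "$sub") || tier=""
    state=$(tier_to_state "$tier")
    printf '%s %s\n' "$sub" "$state"
    [ "$state" = ON ] || rc=1
  done
  return "$rc"
}

# Check all subscriptions visible to the signed-in account when invoked as:
#   RUN_AUDIT=1 bash audit.sh
if [ "${RUN_AUDIT:-0}" = "1" ]; then
  # shellcheck disable=SC2046
  audit_appservice_defender $(az account list --query "[].id" --output tsv)
fi
```

A non-zero exit status means at least one subscription needs the Implementation Steps; the CLI equivalent of switching the plan ON is `az security pricing create --name AppServices --tier Standard`.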


Implementation Steps:

  1. Sign in to the Azure Portal.

  2. Search for Microsoft Defender for Cloud.

  3. Under the management section, select Environment settings.

  4. Scroll down and select the subscription where your App Service is deployed.

  5. In Cloud Workload Protection (CWPP), locate the App Service and enable (ON) Microsoft Defender for the App Service.

  6. Save the change.


Backout Plan:

  1. Sign in to the Azure Portal.

  2. Search for Microsoft Defender for Cloud.

  3. Under the management section, select Environment settings.

  4. Scroll down and select the subscription where your App Service is deployed.

  5. In the Cloud Workload Protection (CWPP), locate the App Service, and disable (OFF) Microsoft Defender for the App Service, and save.

