MicrosoftDocs
diff --git a/‎azure-sql/database/azure-defender-for-sql.md‎
Lines changed: 12 additions & 17 deletions b/‎azure-sql/database/azure-defender-for-sql.md‎
Lines changed: 12 additions & 17 deletions
diff --git a/‎azure-sql/database/media/azure-defender-for-sql/enable-azure-defender.png‎
32.6 KB b/‎azure-sql/database/media/azure-defender-for-sql/enable-azure-defender.png‎
32.6 KB
@@ -10,16 +10,14 @@ ms.topic: conceptual
 ms.author: memildin
 manager: rkarlin
 author: memildin
-ms.reviewer: vanto
-ms.date: 12/01/2020
+ms.date: 02/02/2021
 ---
 # Azure Defender for SQL
 [!INCLUDE[appliesto-sqldb-sqlmi-asa](../includes/appliesto-sqldb-sqlmi-asa.md)]
 
-
 Azure Defender for SQL is a unified package for advanced SQL security capabilities. Azure Defender is available for Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics. It includes functionality for discovering and classifying sensitive data, surfacing and mitigating potential database vulnerabilities, and detecting anomalous activities that could indicate a threat to your database. It provides a single go-to location for enabling and managing these capabilities.
 
-## Overview
+## What are the benefits of Azure Defender for SQL?
 
 Azure Defender provides a set of advanced SQL security capabilities, including SQL Vulnerability Assessment and Advanced Threat Protection.
 - [Vulnerability Assessment](sql-vulnerability-assessment.md) is an easy-to-configure service that can discover, track, and help you remediate potential database vulnerabilities. It provides visibility into your security state, and it includes actionable steps to resolve security issues and enhance your database fortifications.
@@ -29,10 +27,6 @@ Enable Azure Defender for SQL once to enable all these included features. With o
 
 For more information about Azure Defender for SQL pricing, see the [Azure Security Center pricing page](https://azure.microsoft.com/pricing/details/security-center/).
 
-## Getting started with Azure Defender
-
-The following steps get you started with Azure Defender.
-
 ## Enable Azure Defender
 
 Azure Defender can be accessed through the [Azure portal](https://portal.azure.com). Enable Azure Defender by navigating to **Security Center** under the **Security** heading for your server or managed instance.
@@ -42,27 +36,28 @@ Azure Defender can be accessed through the [Azure portal](https://portal.azure.c
 >
 > The cost of Azure Defender is aligned with Azure Security Center standard tier pricing per node, where a node is the entire server or managed instance. You are thus paying only once for protecting all databases on the server or managed instance with Azure Defender. You can try Azure Defender out initially with a free trial.
 
-:::image type="content" source="media/azure-defender-for-sql/enable-azure-defender.png" alt-text="enable Azure Defender":::
+:::image type="content" source="media/azure-defender-for-sql/enable-azure-defender.png" alt-text="Enable Azure Defender for SQL from within Azure SQL databases":::
 
-## Start tracking vulnerabilities and investigating threat alerts
+## Track vulnerabilities and investigate threat alerts
 
 Click the **Vulnerability Assessment** card to view and manage vulnerability scans and reports, and to track your security stature. If security alerts have been received, click the **Advanced Threat Protection** card to view details of the alerts and to see a consolidated report on all alerts in your Azure subscription via the Azure Security Center security alerts page.
 
 ## Manage Azure Defender settings
 
-To view and manage Azure Defender settings, navigate to **Security Center** under the **Security** heading for your server or managed instance. On this page, you can enable or disable Azure Defender, and modify vulnerability assessment and Advanced Threat Protection settings for your entire server or managed instance.
+To view and manage Azure Defender settings:
+
+1. From the **Security** area of your server or managed instance, select **Security Center**.
 
-:::image type="content" source="media/azure-defender-for-sql/security-server-settings.png" alt-text="security server settings":::
+    On this page, you'll see the status of Azure Defender for SQL:
 
-## Manage Azure Defender settings for a database
+    :::image type="content" source="media/azure-defender-for-sql/status-of-defender-for-sql.png" alt-text="Checking the status of Azure Defender for SQL inside Azure SQL databases":::
 
-To override Azure Defender settings for a particular database, check the **Enable Azure Defender for SQL at the database level** checkbox in your database **Security Center** settings. Use this option only if you have a particular requirement to receive separate Advanced Threat Protection alerts or vulnerability assessment results for the individual database, in place of or in addition to the alerts and results received for all databases on the server or managed instance.
+1. If Azure Defender for SQL is enabled, you'll see a **Configure** link as shown in the previous graphic. To edit the settings for Azure Defender for SQL, select **Configure**.
 
-Once the checkbox is selected, you can then configure the relevant settings for this database.
+    :::image type="content" source="media/azure-defender-for-sql/security-server-settings.png" alt-text="security server settings":::
 
-:::image type="content" source="media/azure-defender-for-sql/enable-for-database-level.png" alt-text="enable Azure Defender at database level":::
+1. Make the necessary changes and select **Save**.
 
-Azure Defender for SQL settings for your server or managed instance can also be reached from the Azure Defender database pane. Click **Settings** in the main Security Center pane, and then click **View Azure Defender for SQL server settings**.
 
 ## Next steps