Hello,
In Microsoft Defender for Cloud, you can configure email notifications for alerts and attack paths. These notifications ensure timely delivery to the appropriate recipients. Here’s how you can set it up:
- Customize Email Notifications in the Portal:
- Sign in to the Azure portal.
- Navigate to Microsoft Defender for Cloud > Environment settings.
- Select the relevant subscription.
- Choose email notifications.
- Define the recipients using one or both of these options:
- From the dropdown list, select from the available roles.
- Enter specific email addresses separated by commas (there’s no limit to the number of email addresses you can enter).
- Select the notification types:
- Notify about alerts with the following severity (or higher) and select a severity level. - Notify about attack paths with the following risk level (or higher) and select a risk level.
- Click Save.
- Customize Email Notifications with an API:
- You can also manage email notifications through the supplied REST API. For full details,refer to the SecurityContacts API documentation.
For Microsoft Defender XDR, you can create rules to determine the devices and alert severities for email notifications. Here’s how:
- Sign in to Microsoft Defender XDR using an account with the Security Administrator or Global Administrator role assigned.
- In the navigation pane, go to Settings > Endpoints > General > Email notifications
I hope this helps!
Remember to accept the answer if it is helpful.