Wondering if it is possible to create/generate an alert within the Azure Portal utilizing Microsoft Defender for Cloud that would be triggered when a vulnerability within 'Recommendations' is added with a severity of 'High'?
I understand that the query which generates the vulnerability results is able to be opened and I can see the query as it opens in Azure Resource Graph Explorer, but unlike the logs, there is no 'Create Alert' option in the header of ARGE.
Any thoughts on how this can be accomplished?
Use Defender for Cloud workflow automation, it triggers LogicApp flows on security alerts, recommendations and changes to regulatory compliance.
https://learn.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation