WI564450

Author: ElazarK

articles/defender-for-cloud/release-notes-recommendations-alerts.md

@@ -2,7 +2,7 @@
 title: New and upcoming changes in recommendations, alerts, and incidents
 description: Get release notes for new and upcoming changes in recommendations, alerts, and incidents in Microsoft Defender for Cloud. 
 ms.topic: overview
-ms.date: 03/04/2026
+ms.date: 03/25/2026
 #customer intent: As a Defender for Cloud admin, I want to stay up to date on the latest new and changed security recommendations and alerts.
 ---
 
@@ -48,6 +48,7 @@ New and updated recommendations, alerts, and incidents are added to the table in
 
 | **Date announced**     | **Type**       | **State**            | **Name**                                                     |
 | ------------ | -------------- | -------------------- | ------------------------------------------------------------ |
+| March 25, 2026 | Recommendation | Deprecation | Following the announcement from December 3, 2025, The recommendation `Microsoft Defender for SQL status should be protected for Arc-enabled SQL Servers` for Defender for SQL Servers on Machines plan, is now deprecated. |
 | March 04, 2026 | Recommendation | Upcoming deprecation | The following grouped container vulnerability recommendations are set for deprecation on April 13, 2026:<br/>**Container recommendations:**<br/>\* [Preview] Containers running in Azure should have vulnerability findings resolved<br/>\* [Preview] Containers running in AWS should have vulnerability findings resolved<br/>\* [Preview] Containers running in GCP should have vulnerability findings resolved<br/>**Container image recommendations:**<br/>\* [Preview] Container images in Azure registry should have vulnerability findings resolved<br/>\* [Preview] Container images in AWS registry should have vulnerability findings resolved<br/>\* [Preview] Container images in GCP registry should have vulnerability findings resolved<br/><br/>These grouped recommendations are being replaced by individual recommendations that provide more granular visibility, better prioritization, and improved governance. Learn more in [Deprecation of preview of container and container images vulnerability recommendations](release-notes.md#deprecation-of-preview-of-container-and-container-images-vulnerability-recommendations). |
 | February 24, 2026 | Recommendation | GA | The following data recommendations are GA: <br><br> - [Storage accounts should restrict network access using virtual network rules](recommendations-reference-data.md#storage-accounts-should-restrict-network-access-using-virtual-network-rules). <br><br> - [Storage account should use a private link connection](recommendations-reference-data.md#storage-account-should-use-a-private-link-connection). <br><br> - [Storage accounts should prevent shared key access](recommendations-reference-data.md#storage-accounts-should-prevent-shared-key-access). |
 | February 16 2026 | Recommendation | Upcoming deprecation <br> (March 19, 2026) | The preview recommendation `Machines should be configured securely (powered by MDVM)`, which applied to Window machines, is set for deprecation. The recommendation is set to be replaced by the following OS-specific recommendations, which include Linux support using Guest configuration: <br><br> - **Vulnerabilities in security configuration on your Linux machines should be remediated (powered by Guest Configuration)** <br><br> - **Vulnerabilities in security configuration on your Windows machines should be remediated (powered by Guest Configuration)**.<br><br> These replacement recommendations are already available in Defender for Cloud. <br><br> If you have any governance rules, reports, or workflows that reference the deprecated recommendation, update them to use the replacement recommendations. To ensure the new recommendations can assess your machines, verify that the required prerequisites are in place: <br><br> - **Azure machines** should have the [Azure Machine Configuration extension](/azure/virtual-machines/extensions/guest-configuration) installed. <br> - **Non-Azure machines** should be onboarded via [Azure Arc](/azure/azure-arc/servers/overview), which includes the Machine Configuration extension by default. |