Azure Defender for Resource Manager automatically monitors the resource management operations in your organization, whether they're performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. Alerts are generated by threats detected in Azure Resource Manager logs and Azure Activity logs. Azure Defender runs advanced security analytics to detect threats and alert you about suspicious activity.