
Can Security Center trigger a webhook?


Is there a way to have Security Center trigger a webhook whenever a recommendation or alert is made?

Currently, I can create an alert in Azure Monitor and have it query OMS, then if the alert fires, have it notify an Action Group using a webhook.

As far as I can tell, the only notifications in Security Center are "Email notifications" under the "Security Policy" section which are "[used] in case our security team finds that your resources are compromised."

I'm hoping I can avoid having to create alerts that mirror their queries in order to set up a webhook.


Solution

  • I am not aware of the ability to use webhooks in Azure Security Center, but you can have a look at a preview feature from earlier in the year called Security Playbooks.

    Link: https://learn.microsoft.com/en-us/azure/security-center/security-center-playbooks

    Essentially, though, a security playbook in Security Center is the below:

    Security playbook is a collection of procedures that can be executed from Security Center once a certain playbook is triggered from selected alert. Security playbook can help to automate and orchestrate your response to a specific security alert detected by Security Center. Security Playbooks in Security Center are based on Azure Logic Apps, which means you can use the templates that are provided under the security category in Logic Apps templates, you can modify them based on your needs, or you can create new playbooks using Azure Logic Apps workflow, and using Security Center as your trigger.