| π Activity Log Alert for Create or Update Network Security Group does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Create or Update Public IP Address Rule does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Create or Update Security Solution does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Create or Update SQL Server Firewall Rule does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Create Policy Assignment does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Delete Network Security Group does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Delete Policy Assignment does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Delete Public IP Address Rule does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Delete Security Solution does not exist π’ | 1 | π’ x6 |
| π Activity Log Alert for Delete SQL Server Firewall Rule does not exist π’ | 1 | π’ x6 |
| π Application Insights are not configured π’ | 1 | π x1, π’ x5 |
| π Bastion Host does not exist π’ | 1 | π x1, π’ x5 |
| π Custom Subscription Administrator Roles exist π’ | 1 | π’ x6 |
| π Integration With Microsoft Defender For Cloud Apps is not enabled π’ | 1 | π’ x6 |
| π Integration With Microsoft Defender For Endpoint is not enabled π’ | 1 | π’ x6 |
| π Log Analytics Agent is not auto provisioned π’ | 1 | π’ x6 |
| π Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For App Services is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For Azure Cosmos DB is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For Containers is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For IoT Hub is not set to On π’ | | π’ x3 |
| π Microsoft Defender For Key Vault is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For Open-Source Relational Databases is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For Resource Manager is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For Servers is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For SQL Servers On Machines is not set to On π’ | 1 | π’ x6 |
| π Microsoft Defender For Storage is not set to On π’ | 1 | π’ x6 |
| π Network Watcher is not enabled in every available region π’ | 1 | π’ x6 |
| π Resource Lock Administrator Custom Role does not exist π’ | | π’ x3 |
| π Resources Basic SKU is used for production workloads π’ | | π’ x3 |
| π Security Alert Notifications additional email address is not configured π’ | 1 | π’ x6 |
| π Security Alert Notifications for alerts with High severity is not configured π’ | 1 | π’ x6 |
| π Security Alert Notifications to subscription owners are not configured π’ | 1 | π’ x6 |
| π Subscription Leaving Microsoft Entra ID Directory and Subscription Entering Microsoft Entra ID Directory is not set to Permit No One π’ | | π’ x3 |
| π Vulnerability Assessment is not auto provisioned π’ | | π’ x3 |