Skip to main content

๐Ÿ’ผ 2 Security Center

  • Contextual name: ๐Ÿ’ผ 2 Security Center
  • ID: /frameworks/cis-azure-v1.3.0/02
  • Located in: ๐Ÿ’ผ CIS Azure v1.3.0

Descriptionโ€‹

This section covers security recommendations to follow when setting various security policies on an Azure Subscription. A security policy defines the set of controls, which are recommended for resources within the specified Azure subscription. Please note that the majority of the recommendations mentioned in this section only produce an alert if a security violation is found. They do not actually enforce security settings by themselves. Alerts should be acted upon and remedied wherever possible.

Similarโ€‹

  • Internal
    • ID: dec-b-abc56499

Sub Sectionsโ€‹

SectionSub SectionsInternal RulesPoliciesFlags
๐Ÿ’ผ 2.1 Ensure that Azure Defender is set to On for Servers - Level 2 (Manual)11
๐Ÿ’ผ 2.2 Ensure that Azure Defender is set to On for App Service - Level 2 (Manual)11
๐Ÿ’ผ 2.3 Ensure that Azure Defender is set to On for Azure SQL database servers - Level 2 (Manual)11
๐Ÿ’ผ 2.4 Ensure that Azure Defender is set to On for SQL servers on machines - Level 2 (Manual)11
๐Ÿ’ผ 2.5 Ensure that Azure Defender is set to On for Storage - Level 2 (Manual)11
๐Ÿ’ผ 2.6 Ensure that Azure Defender is set to On for Kubernetes - Level 2 (Manual)
๐Ÿ’ผ 2.7 Ensure that Azure Defender is set to On for Container Registries - Level 2 (Manual)11
๐Ÿ’ผ 2.8 Ensure that Azure Defender is set to On for Key Vault - Level 2 (Manual)11
๐Ÿ’ผ 2.9 Ensure that Windows Defender ATP (WDATP) integration with Security Center is selected - Level 2 (Manual)11
๐Ÿ’ผ 2.10 Ensure that Microsoft Cloud App Security (MCAS) integration with Security Center is selected - Level 2 (Manual)11
๐Ÿ’ผ 2.11 Ensure that 'Automatic provisioning of monitoring agent' is set to 'On' - Level 1 (Automated)
๐Ÿ’ผ 2.12 Ensure any of the ASC Default policy setting is not set to "Disabled" - Level 1 (Manual _ Not supported, requires a manual assessment)
๐Ÿ’ผ 2.13 Ensure 'Additional email addresses' is configured with a security contact email - Level 1 (Automated)11
๐Ÿ’ผ 2.14 Ensure that 'Notify about alerts with the following severity' is set to 'High' - Level 1 (Automated)
๐Ÿ’ผ 2.15 Ensure that 'All users with the following roles' is set to 'Owner' - Level 1 (Automated)11