💼 2 Microsoft Defender for Cloud

  • Contextual name: 💼 2 Microsoft Defender for Cloud
  • ID: /frameworks/cis-azure-v1.5.0/02
  • Located in: 💼 CIS Azure v1.5.0

Description

This section covers recommendations to consider for tenant-wide security policies and plans related to Microsoft Defender. Please note that because Microsoft Defender products require additional licensing, all Microsoft Defender plan recommendations in subsection 2.1 are assigned as “Level 2.”

Similar

  • Internal
    • ID: dec-b-7386f186

Sub Sections

| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 2.1 Defender Plans | 13 | | | |
| 💼 2.1.1 Ensure That Microsoft Defender for Servers Is Set to 'On' - Level 2 (Manual) | | 1 | 1 | |
| 💼 2.1.2 Ensure That Microsoft Defender for App Services Is Set To 'On' - Level 2 (Manual) | | 1 | 1 | |
| 💼 2.1.3 Ensure That Microsoft Defender for Databases Is Set To 'On' - Level 2 (Manual) | | | | |
| 💼 2.1.4 Ensure That Microsoft Defender for Azure SQL Databases Is Set To 'On' - Level 2 (Manual) | | 1 | 1 | |
| 💼 2.1.5 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' - Level 2 (Manual) | | 1 | 1 | |
| 💼 2.1.6 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' - Level 2 (Manual) | | | | |
| 💼 2.1.7 Ensure That Microsoft Defender for Storage Is Set To 'On' - Level 2 (Manual) | | 1 | 1 | |
| 💼 2.1.8 Ensure That Microsoft Defender for Containers Is Set To 'On' - Level 2 (Manual) | | | | |
| 💼 2.1.9 Ensure That Microsoft Defender for Cosmos DB Is Set To 'On' - Level 2 (Manual) | | | | |
| 💼 2.1.10 Ensure That Microsoft Defender for Key Vault Is Set To 'On' - Level 2 (Manual) | | 1 | 1 | |
| 💼 2.1.11 Ensure That Microsoft Defender for DNS Is Set To 'On' - Level 2 (Manual) | | 1 | 1 | |
| 💼 2.1.12 Ensure That Microsoft Defender for IoT Is Set To 'On' - Level 2 (Manual) | | | | |
| 💼 2.1.13 Ensure That Microsoft Defender for Resource Manager Is Set To 'On' - Level 2 (Manual) | | | | |
| 💼 2.2 Auto provisioning | 3 | | | |
| 💼 2.2.1 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' - Level 1 (Automated) | | | | |
| 💼 2.2.2 Ensure that Auto provisioning of 'Vulnerability assessment for machines' is Set to 'On' - Level 2 (Automated) | | | | |
| 💼 2.2.3 Ensure that Auto provisioning of 'Microsoft Defender for Containers components' is Set to 'On' - Level 2 (Automated) | | | | |
| 💼 2.3 Email notifications | 3 | | | |
| 💼 2.3.1 Ensure That 'All users with the following roles' is set to 'Owner' - Level 1 (Automated) | | 1 | 1 | |
| 💼 2.3.2 Ensure 'Additional email addresses' is Configured with a Security Contact Email - Level 1 (Automated) | | 1 | 1 | |
| 💼 2.3.3 Ensure That 'Notify about alerts with the following severity' is Set to 'High' - Level 1 (Automated) | | | | |
| 💼 2.4 Integrations | 2 | | | |
| 💼 2.4.1 Ensure that Microsoft Defender for Cloud Apps integration with Microsoft Defender for Cloud is Selected - Level 2 (Manual) | | | | |
| 💼 2.4.2 Ensure that Microsoft Defender for Endpoint integration with Microsoft Defender for Cloud is selected - Level 2 (Manual) | | | | |
| 💼 2.5 Ensure that Microsoft Defender Recommendation for 'Apply system updates' status is 'Completed' - Level 1 (Manual) | | | | |
| 💼 2.6 Ensure Any of the ASC Default Policy Settings are Not Set to 'Disabled' - Level 1 (Manual) | | | | |