💼 2.1 Microsoft Defender for Cloud

• ID: /frameworks/cis-azure-v2.1.0/02/01

Description

This subsection is dedicated to providing guidance on Microsoft Defender for Cloud product plans. This guidance is intended to ensure that - at a minimum - the protective measures offered by these plans are being considered. Organizations may find that they have existing products or services that provide the same utility as some Microsoft Defender for Cloud products. Security and Administrative personnel need to make the determination on their organization's behalf regarding which - if any - of these recommendations are relevant to their organization's needs. In consideration of the above, and because of the potential for increased cost and complexity, please be aware that all Defender Plan recommendations are profiled as "Level 2" recommendations.

Similar

• Internal
  • ID: dec-b-9e166b4a

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 2.1.1 Ensure That Microsoft Defender for Servers Is Set to 'On' - Level 2 (Automated)		1	1		no data
💼 2.1.2 Ensure That Microsoft Defender for App Services Is Set To 'On' - Level 2 (Automated)		1	1		no data
💼 2.1.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On' - Level 2 (Automated)		1	1		no data
💼 2.1.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' - Level 2 (Automated)		1	1		no data
💼 2.1.5 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' - Level 2 (Automated)			1		no data
💼 2.1.6 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On' - Level 2 (Automated)			1		no data
💼 2.1.7 Ensure That Microsoft Defender for Storage Is Set To 'On' - Level 2 (Automated)		1	1		no data
💼 2.1.8 Ensure That Microsoft Defender for Containers Is Set To 'On' - Level 2 (Automated)			1		no data
💼 2.1.9 Ensure That Microsoft Defender for Key Vault Is Set To 'On' - Level 2 (Automated)		1	1		no data
💼 2.1.10 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On' - Level 2 (Automated)		1			no data
💼 2.1.11 Ensure That Microsoft Defender for Resource Manager Is Set To 'On' - Level 2 (Automated)			1		no data
💼 2.1.12 Ensure that Microsoft Defender Recommendation for 'Apply system updates' status is 'Completed' - Level 1 (Automated)			1		no data
💼 2.1.13 Ensure that Microsoft Cloud Security Benchmark policies are not set to 'Disabled' - Level 1 (Manual)			1		no data
💼 2.1.14 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' - Level 1 (Automated)		1	1		no data
💼 2.1.15 Ensure that Auto provisioning of 'Vulnerability assessment for machines' is Set to 'On' - Level 2 (Manual)			1		no data
💼 2.1.16 Ensure that Auto provisioning of 'Microsoft Defender for Containers components' is Set to 'On' - Level 2 (Automated)					no data
💼 2.1.17 Ensure That 'All users with the following roles' is set to 'Owner' - Level 1 (Automated)		1	1		no data
💼 2.1.18 Ensure 'Additional email addresses' is Configured with a Security Contact Email - Level 1 (Automated)		1	1		no data
💼 2.1.19 Ensure That 'Notify about alerts with the following severity' is Set to 'High' - Level 1 (Automated)			1		no data
💼 2.1.20 Ensure that Microsoft Defender for Cloud Apps integration with Microsoft Defender for Cloud is Selected - Level 2 (Manual)		1	1		no data
💼 2.1.21 Ensure that Microsoft Defender for Endpoint integration with Microsoft Defender for Cloud is selected - Level 2 (Manual)			1		no data
💼 2.1.22 Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabled - Level 2 (Manual)			1		no data