💼 3.1 Microsoft Defender for Cloud

• Contextual name: 💼 3.1 Microsoft Defender for Cloud
• ID: /frameworks/cis-azure-v3.0.0/03/01
• Located in: 💼 3 Security

Description

This subsection provides guidance on the use of Microsoft Defender for Cloud and associated product plans. This guidance is intended to ensure that - at a minimum - the protective measures offered by these plans are being considered. Organizations may find that they have existing products or services that provide the same utility as some Microsoft Defender for Cloud products. Security and Administrative personnel need to make the determination on their organization's behalf regarding which - if any - of these recommendations are relevant to their organization's needs. In consideration of the above, and because of the potential for increased cost and complexity, please be aware that all Microsoft Defender for Cloud and associated plan recommendations are profiled as "Level 2" recommendations.

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 3.1.1 Microsoft Cloud Security Posture Management (CSPM)	2
💼 3.1.1.1 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' (Automated)			1
💼 3.1.1.2 Ensure that Microsoft Defender for Cloud Apps integration with Microsoft Defender for Cloud is Selected (Automated)			1
💼 3.1.2 Defender Plan: APIs
💼 3.1.3 Defender Plan: Servers	5
💼 3.1.3.1 Ensure That Microsoft Defender for Servers Is Set to 'On' (Automated)			1
💼 3.1.3.2 Ensure that 'Vulnerability assessment for machines' component status is set to 'On' (Manual)			1
💼 3.1.3.3 Ensure that 'Endpoint protection' component status is set to 'On' (Manual)			1
💼 3.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On' (Manual)			1
💼 3.1.3.5 Ensure that 'File Integrity Monitoring' component status is set to 'On' (Manual)			1
💼 3.1.4 Defender Plan: Containers	3
💼 3.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On' (Automated)			1
💼 3.1.4.2 Ensure that 'Agentless discovery for Kubernetes' component status 'On' (Automated)			1
💼 3.1.4.3 Ensure that 'Agentless container vulnerability assessment' component status is 'On' (Automated)			1
💼 3.1.5 Defender Plan: Storage	1
💼 3.1.5.1 Ensure That Microsoft Defender for Storage Is Set To 'On' (Automated)			1
💼 3.1.6 Defender Plan: App Service	1
💼 3.1.6.1 Ensure That Microsoft Defender for App Services Is Set To 'On' (Automated)			1
💼 3.1.7 Defender Plan: Databases	4
💼 3.1.7.1 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On' (Automated)			1
💼 3.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' (Automated)			1
💼 3.1.7.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On' (Automated)			1
💼 3.1.7.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' (Automated)			1
💼 3.1.8 Defender Plan: Key Vault	1
💼 3.1.8.1 Ensure That Microsoft Defender for Key Vault Is Set To 'On' (Automated)			1
💼 3.1.9 Defender Plan: Resource Manager	1
💼 3.1.9.1 Ensure That Microsoft Defender for Resource Manager Is Set To 'On' (Automated)			1
💼 3.1.10 Ensure that Microsoft Defender Recommendation for 'Apply system updates' status is 'Completed' (Automated)			1
💼 3.1.11 Ensure that Microsoft Cloud Security Benchmark policies are not set to 'Disabled' (Manual)			1
💼 3.1.12 Ensure That 'All users with the following roles' is set to 'Owner' (Automated)			1
💼 3.1.13 Ensure 'Additional email addresses' is Configured with a Security Contact Email (Automated)			1
💼 3.1.14 Ensure That 'Notify about alerts with the following severity' is Set to 'High' (Automated)			1
💼 3.1.15 Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabled (Manual)			1
💼 3.1.16 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On' (Automated)			1