| 💼 9.1 Azure Files | 3 | | 3 | | no data |
|  💼 9.1.1 Ensure Soft Delete for Azure File Shares is Enabled (Automated) | | | 1 | | no data |
|  💼 9.1.2 Ensure 'SMB protocol version' is Set to 'SMB 3.1.1' or Higher for SMB file shares (Automated) | | | 1 | | no data |
|  💼 9.1.3 Ensure 'SMB channel encryption' is Set to 'AES-256-GCM' or Higher for SMB file shares (Automated) | | | 1 | | no data |
| 💼 9.2 Azure Blob Storage | 3 | | 3 | | no data |
|  💼 9.2.1 Ensure That Soft Delete for Blobs on Azure Blob Storage Storage Accounts is Enabled (Automated) | | | 1 | | no data |
|  💼 9.2.2 Ensure that Soft Delete for Containers on Azure Blob Storage Storage Accounts is Enabled (Automated) | | | 1 | | no data |
|  💼 9.2.3 Ensure 'Versioning' is Set to 'Enabled' on Azure Blob Storage Storage Accounts (Automated) | | | 1 | | no data |
| 💼 9.3 Storage Accounts | 11 | | 15 | | no data |
|  💼 9.3.1 Secrets and Keys | 3 | | 3 | | no data |
|   💼 9.3.1.1 Ensure That 'Enable key rotation reminders' is Enabled for Each Storage Account (Automated) | | | 1 | | no data |
|   💼 9.3.1.2 Ensure That Storage Account Access keys are Periodically Regenerated (Automated) | | | 1 | | no data |
|   💼 9.3.1.3 Ensure 'Allow storage account key access' for Azure Storage Accounts is 'Disabled' (Automated) | | | 1 | | no data |
|  💼 9.3.2 Networking | 3 | | 3 | | no data |
|   💼 9.3.2.1 Ensure Private Endpoints are Used to Access Storage Accounts (Automated) | | | 1 | | no data |
|   💼 9.3.2.2 Ensure that 'Public Network Access' is 'Disabled' for Storage Accounts (Automated) | | | 1 | | no data |
|   💼 9.3.2.3 Ensure Default Network Access Rule for Storage Accounts is Set to Deny (Automated) | | | 1 | | no data |
|  💼 9.3.3 Identity and Access Management | 1 | | 1 | | no data |
|   💼 9.3.3.1 Ensure that 'Default to Microsoft Entra authorization in the Azure portal' is Set to 'Enabled' (Automated) | | | 1 | | no data |
|  💼 9.3.4 Ensure that 'Secure transfer required' is Set to 'Enabled' (Automated) | | | 1 | | no data |
|  💼 9.3.5 Ensure 'Allow trusted Microsoft services to access this resource' is Enabled for Storage Account Access (Automated) | | | 1 | | no data |
|  💼 9.3.6 Ensure the 'Minimum TLS version' for Storage Accounts is Set to 'Version 1.2' (Automated) | | | 1 | | no data |
|  💼 9.3.7 Ensure 'Cross Tenant Replication' is Not Enabled (Automated) | | | 1 | | no data |
|  💼 9.3.8 Ensure that 'Allow Blob Anonymous Access' is Set to 'Disabled' (Automated) | | | 1 | | no data |
|  💼 9.3.9 Ensure Azure Resource Manager Delete Locks are Applied to Azure Storage Accounts (Manual) | | | 1 | | no data |
|  💼 9.3.10 Ensure Azure Resource Manager ReadOnly Locks are Considered for Azure Storage Accounts (Manual) | | | 1 | | no data |
|  💼 9.3.11 Ensure Redundancy is Set to 'geo-redundant storage (GRS)' on Critical Azure Storage Accounts (Automated) | | | 1 | | no data |