Ensure that none of the parameters (recommendations) provided by Azure Security Center (ASC) Default policy are disabled in order to meet security and compliance requirements.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
A security policy defines the desired configuration of your workloads and helps ensure compliance with the organization or regulatory security requirements. Azure Security Center (ASC) Default policy is associated with every subscription by default. ASC Default policy assignment represents a set of security recommendations based on industry best practices. Having an active ASC Default policy (i.e. with all the parameters enabled) ensures that Microsoft Azure Security Center monitors all of the supported recommendations and allows automated action (optionally, for few of the recommendations). An example of the ASC Default policy parameter that can help to maintain the security of your Azure cloud infrastructure is Distributed Denial-of-Service (DDoS) protection monitoring (i.e. "vnetEnableDDoSProtectionMonitoringEffect" parameter). With DDoS protection monitoring enabled, Azure Security Center (ASC) can determine if the monitoring of DDoS protection is enabled for your Microsoft Azure public virtual networks and make the proper recommendations to protect against DDoS attacks.
Audit
To determine if all the ASC Default policy parameters (recommendations) are enabled for your Azure cloud subscriptions, perform the following actions:
Remediation / Resolution
To enable all the ASC Default policy parameters for your Microsoft Azure subscriptions, perform the following actions:
References
- Azure Official Documentation
- Manage security policies
- Remediate recommendations in Azure Security Center
- Get Security Policy (GET)
- Update Security Policy (PUT)
- Policy Assignments - Get
- Policy Assignments - Create
- Manage security policies
- IR-2: Preparation – setup incident notification
- Azure Command Line Interface (CLI) Documentation
- az
- az account get-access-token
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable All Parameters for ASC Default Policy
Risk level: High