2.6 Ensure Any of the ASC Default Policy Settings are Not Set to 'Disabled'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

None of the settings offered by ASC Default policy should be set to effect Disabled.

Rationale:

A security policy defines the desired configuration of your workloads and helps ensure compliance with company or regulatory security requirements. ASC Default policy is associated with every subscription by default. ASC default policy assignment is a set of security recommendations based on best practices. Enabling recommendations in ASC default policy ensures that Azure security center provides the ability to monitor all of the supported recommendations and optionally allow automated action for a few of the supported recommendations.

Solution

From Azure Portal

From Azure Home select the Portal Menu

Select Microsoft Defender for Cloud

Then Environment Settings

Click on a subscription

Select Security Policy in the left column.

Click on ASC Default under Default initiative

Scroll down to Policy Enforcement and ensure it is set to Enabled

Click on the Parameters tab and uncheck Only show parameters that need input or review

In section PARAMETERS, configure the impacted setting to any other available value than Disabled or empty

Click Save

See Also

https://workbench.cisecurity.org/files/4052