Ensure that Auto provisioning of 'Vulnerability assessment for machines' is Set to 'On'

MEDIUM

Description

Description:

Enable automatic provisioning of vulnerability assessment for machines on both Azure and hybrid (Arc enabled) machines.

Rationale:

Vulnerability assessment for machines scans for various security-related configurations and events such as system updates, OS vulnerabilities, and endpoint protection, then produces alerts on threat and vulnerability findings.

Additional licensing is required, and configuring Azure Arc introduces complexity beyond the scope of this recommendation.

Remediation

From Azure Portal

  1. From Azure Home, select the Portal Menu.
  2. Select 'Microsoft Defender for Cloud'.
  3. Then 'Environment Settings'.
  4. Select a subscription.
  5. Then 'Auto Provisioning' in the left column.
  6. Ensure that 'Vulnerability assessment for machines' is set to 'On'.

Repeat the above for any additional subscriptions.

Policy Details

Rule Reference ID: AC_AZURE_0019
CSP: Azure
Remediation Available: Yes
Resource Category: Management
Resource Type: Security Center

Frameworks