Azure_SecurityCenter_3

Ensure ASC Default policy setting Monitor System Updates is not Disabled

Description

Enable system updates recommendations for virtual machines.

Remediation

Perform the following in the Azure Console:

  1. Navigate to Azure Policy
  2. On Policy Overview blade, Click on Policy ASC Default (Subscription:Subscription_ID)
  3. On ASC Default blade, Click on Edit Assignments
  4. In section PARAMETERS , Set Monitor system updates to AuditIfNotExists or any other available value than Disabled
  5. Click Save

References:

  1. https://docs.microsoft.com/en-us/azure/security-center/security-center-policies
  2. https://docs.microsoft.com/en-us/azure/security-center/security-center-apply-system-updates
  3. https://msdn.microsoft.com/en-us/library/mt704062.aspx
  4. https://msdn.microsoft.com/en-us/library/mt704063.aspx
  5. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/get
  6. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/create
     


Service

Security Center

Severity

Medium

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!