Azure_SecurityCenter_4

Ensure ASC Default policy setting Monitor OS Vulnerabilities is not Disabled

Description

Enable Monitor OS vulnerability recommendations for virtual machines.

Remediation

Perform the following in the Azure Console:

  1. Navigate to Azure Policy
  2. On Policy Overview blade, Click on Policy ASC Default (Subscription:Subscription_ID)
  3. On ASC Default blade, Click on Edit Assignments
  4. In section PARAMETERS , Set Monitor os Vulnerabilities to AuditIfNotExists or any other available value than Disabled
  5. Click Save

References:

  1. https://docs.microsoft.com/en-us/azure/security-center/security-center-policies 
  2. https://docs.microsoft.com/en-us/azure/security-center/security-center-remediate-os-vulnerabilities
  3. https://gallery.technet.microsoft.com/Azure-Security-Center-a789e335 
  4. https://msdn.microsoft.com/en-us/library/mt704062.aspx
  5. https://msdn.microsoft.com/en-us/library/mt704063.aspx
  6. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/get
  7. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/create
     


Service

Security Center

Severity

Medium

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!