v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/azure_compliance
Overview
13Dashboards
1311Controls
430Queries
2Variables
GitHub

Control: 7.6 Ensure that Endpoint Protection for all Virtual Machines is installed

Description

Install endpoint protection for all virtual machines.

Installing endpoint protection systems (like anti-malware for Azure) provides for real- time protection capability that helps identify and remove viruses, spyware, and other malicious software. These also offer configurable alerts when known-malicious or unwanted software attempts to install itself or run on Azure systems.

Remediation

Follow Microsoft Azure documentation to install endpoint protection from the security center. Alternatively, you can employ your own endpoint protection tool for your OS.

Default Value

By default Endpoint Protection is disabled.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.cis_v200_7_6

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.cis_v200_7_6 --share

SQL

This control uses a named query:

manual_control

Tags

category = Compliance
cis = true
cis_item_id = 7.6
cis_level = 2
cis_section_id = 7
cis_type = manual
cis_version = v2.0.0
plugin = azure
service = Azure/Compute