azure_compliance

Azure Compliance

Azure Defender for servers provides real-time threat protection for server workloads and generates hardening recommendations as well as alerts about suspicious activities.

securitycenter_azure_defender_on_for_server

nist_sp_800_171_rev_2_3_11_2

3.11.2 Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified

nist_sp_800_171_rev_2_3_11_3

3.11.3 Remediate vulnerabilities in accordance with risk assessments

nist_sp_800_171_rev_2_3_14_1

3.14.1 Identify, report, and correct system flaws in a timely manner

nist_sp_800_171_rev_2_3_14_2

3.14.2 Provide protection from malicious code at designated locations within organizational systems

nist_sp_800_171_rev_2_3_14_3

3.14.3 Monitor system security alerts and advisories and take action in response

nist_sp_800_171_rev_2_3_14_5

3.14.5 Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed

nist_sp_800_171_rev_2_3_14_6

3.14.6 Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks

nist_sp_800_171_rev_2_3_14_7

3.14.7 Identify unauthorized use of organizational systems

nist_sp_800_171_rev_2_3_3_1

3.3.1 Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity

nist_sp_800_171_rev_2_3_3_2

3.3.2 Ensure that the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions

nist_sp_800_171_rev_2_3_3_4

3.3.4 Alert in the event of an audit logging process failure

nist_sp_800_171_rev_2_3_3_5

3.3.5 Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity

nist_sp_800_171_rev_2_3_4_6

3.4.6 Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities

fedramp_high_ac_2_12

AC-2(12) Account Monitoring

fedramp_high_au_12_1

AU-12(1) System-Wide / Time-Correlated Audit Trail

fedramp_high_au_6_4

AU-6(4) Central Review And Analysis

fedramp_high_au_6_5

AU-6(5) Integration / Scanning And Monitoring Capabilities

nist_sp_800_53_rev_5_ac_2_12

Account Monitoring for Atypical Usage AC-2(12)

fedramp_high_au_12

Audit Generation (AU-12)

nist_sp_800_53_rev_5_au_12

Audit Record Generation (AU-12)

fedramp_high_au_6

Audit Record Review, Analysis And Reporting (AU-6)

nist_sp_800_53_rev_5_au_6

Audit Record Review, Analysis, and Reporting (AU-6)

nist_sp_800_53_rev_5_au_6_4

Central Review and Analysis AU-6(4)

nist_sp_800_53_rev_5_si_2

Flaw Remediation (SI-2)

fedramp_high_si_2

fedramp_high_ir_4

Incident Handling (IR-4)

nist_sp_800_53_rev_5_ir_4

nist_sp_800_53_rev_5_ir_5

Incident Monitoring (IR-5)

fedramp_high_ir_5

fedramp_high_si_4

Information System Monitoring (SI-4)

nist_sp_800_53_rev_5_au_6_5

Integrated Analysis of Audit Records AU-6(5)

nist_sp_800_53_rev_5_cm_7

Least Functionality (CM-7)

fedramp_high_cm_7

rbi_itf_nbfc_v2017_it_information_and_cyber_security_3_1_f

Maker-checker-3.1.f

nist_sp_800_53_rev_5_si_3

Malicious Code Protection (SI-3)

fedramp_high_si_3

fedramp_high_si_16

Memory Protection (SI-16)

nist_sp_800_53_rev_5_si_16

fedramp_high_si_3_1

SI-3(1) Central Management

all_controls_securitycenter

Security Center

fedramp_high_sc_3

Security Function Isolation (SC-3)

nist_sp_800_53_rev_5_sc_3

nist_sp_800_53_rev_5_si_4

System Monitoring (SI-4)

nist_sp_800_53_rev_5_au_12_1

System-wide and Time-correlated Audit Trail AU-12(1)

rbi_itf_nbfc_v2017_it_information_and_cyber_security_3_1_g

Trails-3.1.g

nist_sp_800_53_rev_5_ra_5

Vulnerability Monitoring and Scanning (RA-5)

fedramp_high_ra_5

Vulnerability Scanning (RA-5)

Azure Defender for servers should be enabled

azure

azuread

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, PCI DSS across all your Azure subscriptions using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-azure-compliance

Control: Azure Defender for servers should be enabled

Description

Usage

SQL

Tags