azure_compliance

Azure Compliance

Audit each SQL Managed Instance without advanced data security.

securitycenter_azure_defender_on_for_sqlservervm

nist_sp_800_171_rev_2_3_11_2

3.11.2 Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified

nist_sp_800_171_rev_2_3_11_3

3.11.3 Remediate vulnerabilities in accordance with risk assessments

nist_sp_800_171_rev_2_3_14_1

3.14.1 Identify, report, and correct system flaws in a timely manner

nist_sp_800_171_rev_2_3_14_2

3.14.2 Provide protection from malicious code at designated locations within organizational systems

nist_sp_800_171_rev_2_3_14_3

3.14.3 Monitor system security alerts and advisories and take action in response

nist_sp_800_171_rev_2_3_14_6

3.14.6 Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks

nist_sp_800_171_rev_2_3_14_7

3.14.7 Identify unauthorized use of organizational systems

nist_sp_800_171_rev_2_3_3_1

3.3.1 Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity

nist_sp_800_171_rev_2_3_3_2

3.3.2 Ensure that the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions

nist_sp_800_171_rev_2_3_3_4

3.3.4 Alert in the event of an audit logging process failure

nist_sp_800_171_rev_2_3_3_5

3.3.5 Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity

fedramp_high_ac_2_12

AC-2(12) Account Monitoring

nist_sp_800_53_rev_5_ac_2_12

Account Monitoring for Atypical Usage AC-2(12)

nist_sp_800_53_rev_5_au_12

Audit Record Generation (AU-12)

nist_sp_800_53_rev_5_au_6

Audit Record Review, Analysis, and Reporting (AU-6)

nist_sp_800_53_rev_5_au_6_4

Central Review and Analysis AU-6(4)

nist_sp_800_53_rev_5_si_2

Flaw Remediation (SI-2)

nist_sp_800_53_rev_5_ir_4

Incident Handling (IR-4)

nist_sp_800_53_rev_5_ir_5

Incident Monitoring (IR-5)

nist_sp_800_53_rev_5_au_6_5

Integrated Analysis of Audit Records AU-6(5)

rbi_itf_nbfc_v2017_it_information_and_cyber_security_3_1_f

Maker-checker-3.1.f

all_controls_securitycenter

Security Center

nist_sp_800_53_rev_5_ac_16

Security and Privacy Attributes (AC-16)

nist_sp_800_53_rev_5_au_12_1

System-wide and Time-correlated Audit Trail AU-12(1)

rbi_itf_nbfc_v2017_it_information_and_cyber_security_3_1_g

Trails-3.1.g

nist_sp_800_53_rev_5_ra_5

Vulnerability Monitoring and Scanning (RA-5)

Azure Defender for SQL should be enabled for unprotected SQL Managed Instances

azure

azuread

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, PCI DSS across all your Azure subscriptions using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-azure-compliance

Control: Azure Defender for SQL should be enabled for unprotected SQL Managed Instances

Description

Usage

SQL

Tags