azure_compliance

Azure Compliance

Audit SQL servers without Advanced Data Security.

sql_server_azure_defender_enabled

nist_sp_800_171_rev_2_3_11_2

3.11.2 Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified

nist_sp_800_171_rev_2_3_11_3

3.11.3 Remediate vulnerabilities in accordance with risk assessments

nist_sp_800_171_rev_2_3_14_6

3.14.6 Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks

nist_sp_800_171_rev_2_3_14_7

3.14.7 Identify unauthorized use of organizational systems

nist_sp_800_171_rev_2_3_3_1

3.3.1 Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity

nist_sp_800_171_rev_2_3_3_2

3.3.2 Ensure that the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions

nist_sp_800_171_rev_2_3_3_4

3.3.4 Alert in the event of an audit logging process failure

nist_sp_800_171_rev_2_3_3_5

3.3.5 Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity

fedramp_high_au_12_1

AU-12(1) System-Wide / Time-Correlated Audit Trail

fedramp_high_au_6_4

AU-6(4) Central Review And Analysis

fedramp_high_au_6_5

AU-6(5) Integration / Scanning And Monitoring Capabilities

fedramp_high_au_12

Audit Generation (AU-12)

nist_sp_800_53_rev_5_au_12

Audit Record Generation (AU-12)

fedramp_high_au_6

Audit Record Review, Analysis And Reporting (AU-6)

nist_sp_800_53_rev_5_au_6

Audit Record Review, Analysis, and Reporting (AU-6)

nist_sp_800_53_rev_5_au_6_4

Central Review and Analysis AU-6(4)

fedramp_high_ir_4

Incident Handling (IR-4)

nist_sp_800_53_rev_5_ir_4

nist_sp_800_53_rev_5_ir_5

Incident Monitoring (IR-5)

fedramp_high_ir_5

fedramp_high_si_4

Information System Monitoring (SI-4)

nist_sp_800_53_rev_5_au_6_5

Integrated Analysis of Audit Records AU-6(5)

rbi_itf_nbfc_v2017_it_information_and_cyber_security_3_1_f

Maker-checker-3.1.f

all_controls_sql

nist_sp_800_53_rev_5_ac_16

Security and Privacy Attributes (AC-16)

nist_sp_800_53_rev_5_si_4

System Monitoring (SI-4)

nist_sp_800_53_rev_5_au_12_1

System-wide and Time-correlated Audit Trail AU-12(1)

rbi_itf_nbfc_v2017_it_information_and_cyber_security_3_1_g

Trails-3.1.g

nist_sp_800_53_rev_5_ra_5

Vulnerability Monitoring and Scanning (RA-5)

fedramp_high_ra_5

Vulnerability Scanning (RA-5)

Azure Defender for SQL should be enabled for unprotected Azure SQL servers

azure

azuread

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, PCI DSS across all your Azure subscriptions using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-azure-compliance

Control: Azure Defender for SQL should be enabled for unprotected Azure SQL servers

Description

Usage

SQL

Tags