Benchmark: 2 Microsoft Defender for Cloud
Overview
This section covers recommendations to consider for tenant-wide security policies and plans related to Microsoft Defender. Please note that because Microsoft Defender products require additional licensing, all Microsoft Defender plan recommendations in subsection 2.1 are assigned as "Level 2".
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 2 Microsoft Defender for Cloud.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.cis_v150_2Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.cis_v150_2 --shareBenchmarks
Controls
- 2.5 Ensure that Microsoft Defender Recommendation for 'Apply system updates' status is 'Completed'
- 2.6 Ensure Any of the ASC Default Policy Settings are Not Set to 'Disabled'