Benchmark: 2.2 Auto Provisioning
Overview
Microsoft Defender for Cloud ingests data from agents, extensions, and integrations. Automatic provisioning assists with the deployment and maintenance of agents and extensions required on endpoints such as Azure Virtual Machines.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 2.2 Auto Provisioning.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.cis_v150_2_2Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.cis_v150_2_2 --shareControls
- 2.2.1 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On'
- 2.2.2 Ensure that Auto provisioning of 'Vulnerability assessment for machines' is Set to 'On'
- 2.2.3 Ensure that Auto provisioning of 'Microsoft Defender for Containers components' is Set to 'On'