🚀Launch Week 07, January 27th - 31st, 2025🚀
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-azure-compliance
Overview
13Dashboards
1311Benchmarks
430Queries
2Variables
GitHub

Control: Ensure that Windows Defender ATP (WDATP) integration with Security Center is selected

Description

This setting enables Windows Defender ATP (WDATP) integration with Security Center.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.securitycenter_wdatp_integration

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.securitycenter_wdatp_integration --share

SQL

This control uses a named query:

select
  sc_sett.id as resource,
  case
    when enabled then 'ok'
    else 'alarm'
  end as status,
  case
    when enabled then 'Microsoft Cloud App Security (MCAS) integrated with Security Center.'
    else 'Microsoft Cloud App Security (MCAS) not integrated with Security Center.'
  end as reason
  
  , sub.display_name as subscription
from
  azure_security_center_setting sc_sett
  right join azure_subscription sub on sc_sett.subscription_id = sub.subscription_id
where
  name = 'WDATP';

Tags

service = Azure/SecurityCenter