Azure_compliance/control/check
Description: Enable audit_log_enabled on MySQL Servers. Rationale: Enabling audit_log_enabled helps MySQL Database to log items such as connection att...
Tue, 22 Aug, 2023 at 5:49 AM
Description: Migrate blob-based VHDs to Managed Disks on Virtual Machines to exploit the default features of this configuration. The features include: 1....
Fri, 8 Sep, 2023 at 5:57 AM
Description: Set audit_log_enabled to include CONNECTION on MySQL Servers. Rationale: Enabling CONNECTION helps MySQL Database to log items such as su...
Tue, 22 Aug, 2023 at 5:53 AM
Description: Limiting your Cosmos DB to only communicate on whitelisted networks lowers its attack footprint. Rationale: Selecting certain...
Thu, 7 Sep, 2023 at 10:48 AM
Description: The Azure Bastion service allows secure remote access to Azure Virtual Machines over the Internet without exposing remote access protocol port...
Mon, 21 Aug, 2023 at 9:03 AM
Description: Cosmos DB can use tokens or AAD for client authentication which in turn will use Azure RBAC for authorization. Using AAD is significantly more...
Tue, 22 Aug, 2023 at 6:05 AM
Description: Enable Network Watcher for Azure subscriptions. Rationale: Network diagnostic and visualization tools available with Network Watcher help...
Fri, 8 Sep, 2023 at 5:56 AM
Description: Network Security Group Flow Logs should be enabled and the retention period set to greater than or equal to 90 days. Rationale: Flow logs...
Mon, 21 Aug, 2023 at 9:13 AM
Description: Enable AuditEvent logging for key vault instances to ensure interactions with key vaults are logged and available. Rationale: Monitoring...
Tue, 22 Aug, 2023 at 5:08 AM
Description: Network security groups should be periodically evaluated for port misconfigurations. Where certain ports and protocols may be exposed to the I...
Mon, 21 Aug, 2023 at 9:15 AM