You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All of the Azure Security Center plugins which audit for monitoring of various vulnerable configurations are broken. The reasons are varied, but right now these tests appear to be just generating noise. They should be fixed or removed (preferably the latter).
Monitor Blob Encryption
Deprecated as blob encryption is now enabled by default and cannot be disabled. Plugin can probably be removed.
Monitor Disk Encryption
Appears to be replaced by the "Disk encryption should be applied on virtual machines" policy.
Monitor Endpoint Protection
Appears to be replaced by the "Endpoint protection solution should be installed on virtual machine scale sets" and "Monitor missing Endpoint Protection in Azure Security Center" policies.
Monitor JIT Network Access
Appears to be replaced by the "Management ports of virtual machines should be protected with just-in-time network access control" policy.
Monitor NSG Enabled
This policy appears to have been replaced with several more granular policies.
Monitor SQL Auditing
Replaced by the "Auditing should be enabled on advanced data security settings on SQL Server" policy.
Monitor SQL Encryption
Replaced by the "Transparent Data Encryption on SQL databases should be enabled" policy.
Monitor System Updates
Appears to be replaced by the "System updates should be installed on your machines" policy.
Monitor VM Vulnerability
Appears to be replaced by the "A vulnerability assessment solution should be enabled on your virtual machines" policy.
I think there's a strong argument that the general approach of these plugins needs a rethink, as they're ultimately auditing a small subset of the broader controls the built-in Azure policy sets provide. If that's the case, these plugins I'd suggest should still be removed until such an overhaul is implemented, as right now they're just generating alerts which effectively can't be actioned.
The text was updated successfully, but these errors were encountered:
All of the Azure Security Center plugins which audit for monitoring of various vulnerable configurations are broken. The reasons are varied, but right now these tests appear to be just generating noise. They should be fixed or removed (preferably the latter).
Deprecated as blob encryption is now enabled by default and cannot be disabled. Plugin can probably be removed.
Appears to be replaced by the "Disk encryption should be applied on virtual machines" policy.
Appears to be replaced by the "Endpoint protection solution should be installed on virtual machine scale sets" and "Monitor missing Endpoint Protection in Azure Security Center" policies.
Appears to be replaced by the "Management ports of virtual machines should be protected with just-in-time network access control" policy.
This policy appears to have been replaced with several more granular policies.
Replaced by the "Auditing should be enabled on advanced data security settings on SQL Server" policy.
Replaced by the "Transparent Data Encryption on SQL databases should be enabled" policy.
Appears to be replaced by the "System updates should be installed on your machines" policy.
Appears to be replaced by the "A vulnerability assessment solution should be enabled on your virtual machines" policy.
I think there's a strong argument that the general approach of these plugins needs a rethink, as they're ultimately auditing a small subset of the broader controls the built-in Azure policy sets provide. If that's the case, these plugins I'd suggest should still be removed until such an overhaul is implemented, as right now they're just generating alerts which effectively can't be actioned.
The text was updated successfully, but these errors were encountered: