From Compliance to Auto-Remediation: Azure's Latest Linux Security Innovations

Hi Bart,

Appreciate your feedback and questions. This is only the first iteration of a lots of new things and your question are raising good points - let me try to address them.

1. This particular policy is an Azure branded policy which has been uplifted as a first step to include the references to the CIS and provide better and richer outcomes when it comes to reporting state of compliance. (It has around 63% coverage if the distro independent benchmark.)
2. I've hinted in the blog that we are working on a fully aligned set of CIS benchmarks coming soon which will be branded as CIS and will have a fully aligned content to the standards per distro. As you highlighted the companies are aimed to be compliant against CIS and not against an Azure interpretation of CIS. Stay tuned on the upcoming announcements in this space because exactly this is what we are aiming to resolve and help customers with.

I hope I've managed to answer your questions - if you have additional questions please do not hesitate to contact me.

Pal