Forum Discussion

gh91's avatar
gh91
Copper Contributor
Aug 21, 2020

Automatically update newly released built-in policies

Hello all,

 

I'm trying to understand if there is a way to automatically download newly built-in policies released by Microsoft in Audit mode or any way of getting notified when it is released in order to keep the policy initiative updated throughout the time

 

Are there any suggestions?

 

Thanks in advance.

 

Best regards

  • Hi gh91

    if you are referring to the builtin policy initiative, Azure Security Center is using, then the answer is yes. The builtin (default) ASC policy initiative will automatically be updated with additional policies once they are published. If you are using a custom policy initiative, there are two different scenarios:

    1. if you are using builtin security policies in your custom initiative, these policies will also automatically be updated once there is a change. However, we will not update your policy initiative by adding additional policies once they are released.
    2. if you are exclusively using custom policies in your custom initiative, these policies will not automatically be updated.

    Best regards,

    Tom Janetscheck

    Senior Program Manager

    CxE | Azure Security Center

     

  • Hi gh91

    if you are referring to the builtin policy initiative, Azure Security Center is using, then the answer is yes. The builtin (default) ASC policy initiative will automatically be updated with additional policies once they are published. If you are using a custom policy initiative, there are two different scenarios:

    1. if you are using builtin security policies in your custom initiative, these policies will also automatically be updated once there is a change. However, we will not update your policy initiative by adding additional policies once they are released.
    2. if you are exclusively using custom policies in your custom initiative, these policies will not automatically be updated.

    Best regards,

    Tom Janetscheck

    Senior Program Manager

    CxE | Azure Security Center

     

    • gh91's avatar
      gh91
      Copper Contributor

      Hello Tom_Janetscheck ,

       

      Thank you very much for the detailed reply.

       

      I'm looking to the scenario where I have a custom initiative with a mix of custom & built-in policies. Based on your reply, new built-in policies will not be added to the custom initiative once released.

       

      In that way, is there a method to receive alerts or any page where I can see the new built-in policies released by Microsoft in order to keep my custom initiative updated with the latest policies? 

       

      Thanks in advance!

      • Hello gh91

        there is no auto-notification option, but you'll find new policies mentioned in the Azure Security Center release notes, which are regularly updated every month. 

         

        Best regards,

        Tom

Resources