Forum Discussion

Sivaramas's avatar
Sivaramas
Copper Contributor
May 20, 2019

Azure CIS

In Security center -> Regulatory compliance, not all the CIS benchmark recommendations are listed under Azure CIS 1.1.0. for example under 1. Identity and access management, the Recommendations 1.10 ...
CliveWatson's avatar
CliveWatson
Former Employee
May 21, 2019

Sivaramas 

https://docs.microsoft.com/en-us/azure/security-center/security-center-compliance-dashboard

 

Some controls are grayed out. These controls do not have any Security Center assessments associated with them. You need to analyze the requirements for these and assess them in your environment on your own. Some of these may be process-related and not technical.

 

Also remember this feature is in Preview so some controls are not yet supported/added.

  • sivaram1325's avatar
    sivaram1325
    Copper Contributor
    May 21, 2019

    CliveWatson 

     

    Thank you Clive.

     

    Will there be any new APIs planned for the CIS controls which are not assessed? I understand that the controls should be technical not process.

     

    Thinking whether we should develop a custom code or wait for APIs from Azure? Appreciate your response.

    • CliveWatson's avatar
      CliveWatson
      Former Employee
      May 22, 2019

      sivaram1325 

       

      I know the ASC team are working on these, as a priority item, but there is no ETA.  If I hear more I will share.

      • MichaelJohnson's avatar
        MichaelJohnson
        Copper Contributor
        Oct 22, 2019

        CliveWatson  Any news with this? it is October 2019 already:)