Forum Discussion
Disable few policies that are applied by default
As we know Azure Security benchmark gets applied by default by Azure defender/Security center and as an organization I am fine with it but at the same time I want to disable few policies that are par...
ASC benchmark is actually many azure policies under one "Initiative Definition" named "Azure Security Benchmark" and one assignment on the subscription level.
I think it isn't possible to edit the existing one but you might be able to duplicate it, remove the policies you want and assign it instead of the build in one (if you have many subs, you can assign in to the root management group level).
To do it search for "policy" in azure portal, go to "definitions", filter "security center" and duplicate "Azure Security Benchmark"
Thanks
Gilad.
I think it isn't possible to edit the existing one but you might be able to duplicate it, remove the policies you want and assign it instead of the build in one (if you have many subs, you can assign in to the root management group level).
To do it search for "policy" in azure portal, go to "definitions", filter "security center" and duplicate "Azure Security Benchmark"
Thanks
Gilad.
EliMicrosoft
Hi Gilad,
Duplicating the ASB initiative and customize it may work, but it is little overkill. Defender for Cloud allow you to disable specific policies as I describe in previous reply.