Forum Discussion
ShihanSuhail
Aug 12, 2021Copper Contributor
Is it ok to remove azure default initiative and use the azure benchmark?
Hi All,
We have an issue using both initiatives from the security center since both show the same recommendations.
So we got the idea to use the azure benchmark as a policy initiative. WDYT?
- Initiatives are great for applying and managing policies at scale and I always recommend my customers to group policies based on the "intent". The way you group your policies to initiatives has also an impact on reporting (how you see your compliance in the Compliance blade/view).
You should think about your Azure environment and what "standard" you want to apply where and how easy it is to eventually add/remove policies from initiatives, change assignments, etc.
- StanislavBelov
Microsoft
ASB is the default initiative in ASC: https://docs.microsoft.com/en-us/azure/security-center/policy-reference - pazdedavSteel ContributorAbsolutely possible if ASB fits your needs better.
- ShihanSuhailCopper ContributorDo u think it better to separate the initiative such as 1 initiative based on ASB only for k8s. and another for infrastructure. WDYT?
- pazdedavSteel ContributorInitiatives are great for applying and managing policies at scale and I always recommend my customers to group policies based on the "intent". The way you group your policies to initiatives has also an impact on reporting (how you see your compliance in the Compliance blade/view).
You should think about your Azure environment and what "standard" you want to apply where and how easy it is to eventually add/remove policies from initiatives, change assignments, etc.