What is the recommended approach for comparing a current configuration to the recommended security baselines from MS for the API Management and the Application Gateway services ? Many of these are not covered by the Azure Security Center.
Does this need to be done manually, or is there some automated tool that I have not found?
