%3CLINGO-SUB%20id%3D%22lingo-sub-1117585%22%20slang%3D%22en-US%22%3ERe%3A%20Gain%20visibility%20for%20CVE-2020%E2%80%930601%20with%20Azure%20security%20center%20recommendation%20across%20your%20tenant.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1117585%22%20slang%3D%22en-US%22%3E%3CP%3EGreat%20article.%20This%20one%20gives%20a%20bit%20more%20to%20do%20the%20audit%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fazsec.azurewebsites.net%2F2020%2F01%2F18%2Fguidance-for-cve-crypto-and-rdg-vulnerability-patching-on-azure-vm%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fazsec.azurewebsites.net%2F2020%2F01%2F18%2Fguidance-for-cve-crypto-and-rdg-vulnerability-patching-on-azure-vm%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1112896%22%20slang%3D%22en-US%22%3EGain%20visibility%20for%20CVE-2020%E2%80%930601%20with%20Azure%20security%20center%20recommendation%20across%20your%20tenant.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1112896%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3EAzure%20Security%20Center%20periodically%20analyzing%20the%20security%20state%20of%20your%20Azure%20resources%20to%20identify%20potential%20security%20vulnerabilities.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3EIn%20this%20blog%20post%2C%20we%20will%20review%20how%20to%20use%20Azure%20security%20center%20recommendation%20that%20tracks%20your%20servers%20for%20a%20missing%20critical%20security%20patch%20and%20create%20a%20dashboard%20that%20will%20present%20and%20help%20us%20to%20track%20how%20many%20servers%20are%20potentially%20impacted%20by%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22_e75a791d-denali-editor-page-rtfLink%22%20href%3D%22https%3A%2F%2Fportal.msrc.microsoft.com%2Fen-US%2Fsecurity-guidance%2Fadvisory%2FCVE-2020-0601%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3ECVE-2020%E2%80%930601.%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3EWe%20created%20a%20dashboard%20that%20uses%20Azure%20security%20center%20missing%20update%20recommendation%20and%20looks%20for%20all%20the%20servers%20that%20missing%20to%20critical%20security%20update%20across%20you%E2%80%99re%20your%20subscriptions%20and%20even%20your%20tenants%20(with%20the%20integration%20with%20lighthouse).%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22margin%3A%200in%3B%20font-family%3A%20Calibri%3B%20font-size%3A%2011.0pt%3B%22%3EThe%20prerequisite%20is%20that%20VM's%20will%20be%20monitor%20by%20Azure%20security%20center%20(their%20monitoring%20agent%20should%20send%20security%20data)%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3EYou%20can%20leverage%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22_e75a791d-denali-editor-page-rtfLink%22%20href%3D%22https%3A%2F%2Fgithub.com%2FAzure%2FAzure-Security-Center%2Ftree%2Fmaster%2FWorkbooks%2FCVE-2020-0601%2520vulnerability%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3Ethis%20workbooks%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3E%26nbsp%3B(from%20our%20GitHub%20community%20%2F%20written%20by%20Microsoft).%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3Eyou%20will%20need%20to%20import%20this%20JSON%20file%20to%20a%20new%20dashboard%20and%20configured%20the%20data%20sources%20to%20your%20Azure%20Security%20Center%20workspace%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F165647iA1108D22F4C0A4FE%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22CVE.GIF%22%20title%3D%22CVE.GIF%22%20%2F%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1112896%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3EIn%20this%20blog%20post%2C%20we%20will%20review%20how%20to%20use%20Azure%20security%20center%20recommendation%20that%20tracks%20your%20servers%20for%20a%20missing%20critical%20security%20patch%20and%20create%20a%20dashboard%20that%20will%20present%20and%20help%20us%20to%20track%20how%20many%20servers%20are%20potentially%20impacted%20by%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22_e75a791d-denali-editor-page-rtfLink%22%20href%3D%22https%3A%2F%2Fportal.msrc.microsoft.com%2Fen-US%2Fsecurity-guidance%2Fadvisory%2FCVE-2020-0601%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CSPAN%20data-preserver-spaces%3D%22true%22%3ECVE-2020%E2%80%930601.%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F165648iF195EC465D97BFA4%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22CVE.GIF%22%20title%3D%22CVE.GIF%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1112896%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EASC%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20Security%20Center%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eworkbooks%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

Azure Security Center periodically analyzing the security state of your Azure resources to identify potential security vulnerabilities.

 

In this blog post, we will review how to use Azure security center recommendation that tracks your servers for a missing critical security patch and create a dashboard that will present and help us to track how many servers are potentially impacted by CVE-2020–0601.

 

We created a dashboard that uses Azure security center missing update recommendation and looks for all the servers that missing to critical security update across you’re your subscriptions and even your tenants (with the integration with lighthouse).

 

The prerequisite is that VM's will be monitor by Azure security center (their monitoring agent should send security data)

 

You can leverage this workbooks (from our GitHub community / written by Microsoft).

you will need to import this JSON file to a new dashboard and configured the data sources to your Azure Security Center workspace

 

CVE.GIF

1 Comment