Control: Azure > CIS v5.0 > 7 - Networking Services > 7.15 - Ensure bot protection is enabled in Azure Web Application Firewall policy on Azure Application Gateway

Configures auditing against a CIS Benchmark item.

Level: 2

Enable bot protection on the Web Application Firewall to block or log requests from known malicious IP addresses identified through the Microsoft Threat Intelligence feed.

Internet traffic from bots can scrape, scan, and search for application vulnerabilities. Enabling bot protection stops requests from known malicious IP addresses and enhances the overall security of your application by reducing exposure to automated attacks.

Resource Types

This control targets the following resource types:

Azure > Network > Web Application Firewall Policy

Policies

This control type relies on these other policies when running actions:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv5-0#/control/types/r0715

Category URI

tmod:@turbot/cis#/control/categories/v071209

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv5-0#/control/types/r0715") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv5-0#/control/types/r0715'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r0715"