Control: Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.03 - Defender Plan: Servers > 8.01.03.03 - Ensure that 'Endpoint protection' component status is set to 'On'

Configures auditing against a CIS Benchmark item.

Level: 2

The Endpoint protection component enables Microsoft Defender for Endpoint to communicate with Microsoft Defender for Cloud.

IMPORTANT: When enabling integration between DfE & DfC it needs to be taken into account that this will have some side effects that may be undesirable. - For server 2019 & above if defender is installed (default for these server SKUs) this will trigger a deployment of the new unified agent and link to any of the extended configuration in the Defender portal. - If the new unified agent is required for server SKUs of Win 2016 or Linux and lower there is additional integration that needs to be switched on and agents need to be aligned.

Microsoft Defender for Endpoint integration brings comprehensive Endpoint Detection and Response (EDR) capabilities within Microsoft Defender for Cloud. This integration helps to spot abnormalities, as well as detect and respond to advanced attacks on endpoints monitored by Microsoft Defender for Cloud.

By default, Endpoint protection is off.

Resource Types

This control targets the following resource types:

Azure > Security Center > Security Center

Policies

This control type relies on these other policies when running actions:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv5-0#/control/types/r08010303

Category URI

tmod:@turbot/cis#/control/categories/v070301

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv5-0#/control/types/r08010303") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv5-0#/control/types/r08010303'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r08010303"