The Azure &quot;Security Defaults&quot; recommendations represent an entry-level set of recommendations which will be relevant to organizations and tenants that are either just starting to use Azure as an IaaS solution, or are only utilizing a bare minimum feature set such as the freely licensed tier of Azure Active Directory. Security Defaults recommendations are intended to ensure that these entry-level use cases are still capable of establishing a strong baseline of secure configuration.<br /><br />If your subscription is licensed to use Azure AD Premium P1 or P2, it is strongly recommended that the &quot;Security Defaults&quot; section (this section and the recommendations therein) be bypassed in favor of the use of &quot;Conditional Access.&quot; 

Azure > Management Group

Azure > Subscription

Azure > Tenant

Turbot > Folder

Turbot

Azure > Active Directory > Directory

Kubernetes > Cluster

AWS > Account

GitHub > Repository

ServiceNow > Instance

GCP > Project

OCI > Compartment

AWS > Directory Service > Directory

AWS > Data Pipeline > Pipeline [Deprecated]

AWS > VPC > Flow Log

AWS > Region

AWS > EC2 > Instance

GCP > Folder

Azure > Resource Group

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews > 5.03.01 - Ensure that Azure admin accounts are not used for daily operations

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews > 5.03.02 - Ensure that guest users are reviewed on a regular basis

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews > 5.03.03 - Ensure that use of the &#39;User Access Administrator&#39; role is restricted

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews > 5.03.04 - Ensure that all &#39;privileged&#39; role assignments are periodically reviewed

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews > 5.03.05 - Ensure disabled user accounts do not have read, write, or owner permissions

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews > 5.03.06 - Ensure &#39;Tenant Creator&#39; role assignments are periodically reviewed

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews > 5.03.07 - Ensure all non-privileged role assignments are periodically reviewed

The Azure &quot;Security Defaults&quot; recommendations represent an entry-level&#92;nset of recommendations which will be relevant to organizations and tenants that are&#92;neither just starting to use Azure as an IaaS solution, or are only utilizing a bare minimum&#92;nfeature set such as the freely licensed tier of Azure Active Directory. Security Defaults&#92;nrecommendations are intended to ensure that these entry-level use cases are still&#92;ncapable of establishing a strong baseline of secure configuration.&#92;n&#92;nIf your subscription is licensed to use Azure AD Premium P1 or P2, it is strongly&#92;nrecommended that the &quot;Security Defaults&quot; section (this section and the&#92;nrecommendations therein) be bypassed in favor of the use of &quot;Conditional&#92;nAccess.&quot;&#92;n

Azure > CIS v5.0 > 5 - Identity Services

Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews

Policy: Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews

Primary Policy

Category

In Your Workspace

Developers

Policy: Azure > CIS v5.0 > 5 - Identity Services > 5.03 - Periodic Identity Reviews

Primary Policy

Related Policies

Category

In Your Workspace

Developers