Policy: Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud
This section covers security recommendations for Microsoft Defender for Cloud configuration.
Microsoft Defender for Cloud provides unified security management and advanced threat protection across hybrid cloud workloads.
Primary Policy
This policy is used with the following primary policy:
Related Policies
- 8.01.10 - Ensure that Microsoft Defender for Cloud is configured to check VM operating systems for updates
- 8.01.11 - Ensure That Microsoft Cloud Security Benchmark policies are not set to 'Disabled'
- 8.01.12 - Ensure That 'All users with the following roles' is set to 'Owner'
- 8.01.13 - Ensure 'Additional email addresses' is Configured with a Security Contact Email
- 8.01.14 - Ensure that 'Notify about alerts with the following severity (or higher)' is enabled
- 8.01.15 - Ensure that 'Notify about attack paths with the following risk level (or higher)' is enabled
- 8.01.16 - Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabled
- 8.01.01 - Microsoft Cloud Security Posture Management (CSPM)
- 8.01.02 - Defender Plan: APIs
- 8.01.03 - Defender Plan: Servers
- 8.01.04 - Defender Plan: Containers
- 8.01.05 - Defender Plan: Storage
- 8.01.06 - Defender Plan: App Service
- 8.01.07 - Defender Plan: Databases
- 8.01.08 - Defender Plan: Key Vault
- 8.01.09 - Defender Plan: Resource Manager
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/cis
- tmod:@turbot/azure-cisv5-0#/policy/types/s0801
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv5-0#/policy/types/s0801"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv5-0#/policy/types/s0801"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI