Policies
The Azure provider has 1,930 policies:
Policy
Mod
Control Category
Resource > Configured
Resource > Configured
Resource > Configured
Resource > Approved
IAM > Permissions
Resource > Active
Resource > Approved
Resource > Approved
Resource > Approved
IAM > Permissions
IAM > Permissions
Resource > Active
Resource > Active
Resource > Active
Resource > Approved
Resource > Approved
Resource > Approved
Resource > Approved
Cloud > Location
Resource > Approved
IAM > Permissions
Resource > Tags
Resource > Tags
Resource > Tags
IAM > Permissions
IAM > Permissions
Resource > Active
Resource > Active
Resource > Active
Resource > Approved
Resource > Approved
Resource > Approved
Resource > Approved
Cloud > Location
Resource > Tags
Resource > Approved
IAM > Permissions
IAM > Permissions
IAM > Permissions
IAM > Permissions
IAM > Permissions
IAM > Permissions
IAM > Permissions
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.05 Use Multifactor Authentication For All Administrative Access
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.05 Use Multifactor Authentication For All Administrative Access
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges
CIS > Controls v7 > 08 Malware Defenses
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.01 Run Automated Vulnerability Scanning Tools
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.04 Deploy Automated Operating System Patch Management Tools
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.01 Run Automated Vulnerability Scanning Tools
CIS > Controls v7 > 08 Malware Defenses
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 12 Boundary Defense
CIS > Controls v7 > 12 Boundary Defense
CIS > Controls v7 > 11 Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.01 Run Automated Vulnerability Scanning Tools
CIS > Controls v7 > 13 Data Protection
CIS > Controls v7 > 09 Limitation and Control of Network Ports, Protocols, and Services > 9.04 Apply Host-based Firewalls or Port Filtering
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.07 Utilize Application Whitelisting
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.02 Activate Audit Logging
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 03 Continuous Vulnerability Management
CIS > Controls v7 > 03 Continuous Vulnerability Management
CIS > Controls v7 > 03 Continuous Vulnerability Management
CIS > Controls v7 > 03 Continuous Vulnerability Management
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.04 Encrypt All Sensitive Information in Transit
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs
CIS > Controls v7 > 16 Account Monitoring and Control > 16.10 Ensure All Accounts Have An Expiration Date
CIS > Controls v7 > 16 Account Monitoring and Control > 16.10 Ensure All Accounts Have An Expiration Date
CIS > Controls v7 > 16 Account Monitoring and Control > 16.04 Encrypt or Hash all Authentication Credentials
CIS > Controls v7 > 16 Account Monitoring and Control > 16.04 Encrypt or Hash all Authentication Credentials
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 09 Limitation and Control of Network Ports, Protocols, and Services > 9.02 Ensure Only Approved Ports, Protocols and Services Are Running
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.01 Run Automated Vulnerability Scanning Tools
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.01 Run Automated Vulnerability Scanning Tools
CIS > Controls v7 > 19 Incident Response and Management
CIS > Controls v7 > 19 Incident Response and Management
CIS > Controls v7 > 16 Account Monitoring and Control > 16.02 Configure Centralized Point of Authentication
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 16 Account Monitoring and Control > 16.04 Encrypt or Hash all Authentication Credentials
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.04 Encrypt All Sensitive Information in Transit
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.02 Activate Audit Logging
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.04 Encrypt All Sensitive Information in Transit
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.02 Activate Audit Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.02 Activate Audit Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.02 Activate Audit Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.02 Activate Audit Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.04 Ensure Adequate Storage for Logs
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.05 Central Log Management
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.05 Central Log Management
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.03 Enable Detailed Logging
Azure > CIS v1 > 6 Networking > 6.01 Ensure that RDP access is restricted from the internet (Scored)
CIS > Controls v7 > 09 Limitation and Control of Network Ports, Protocols, and Services > 9.02 Ensure Only Approved Ports, Protocols and Services Are Running
Azure > CIS v1 > 6 Networking > 6.02 Ensure that SSH access is restricted from the internet (Scored)
CIS > Controls v7 > 09 Limitation and Control of Network Ports, Protocols, and Services > 9.02 Ensure Only Approved Ports, Protocols and Services Are Running
CIS > Controls v7 > 12 Boundary Defense
CIS > Controls v7 > 06 Maintenance, Monitoring, and Analysis of Audit Logs > 6.04 Ensure Adequate Storage for Logs
CIS > Controls v7 > 11 Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches > 11.02 Document Traffic Configuration Rules
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.01 Maintain Inventory of Authorized Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.01 Maintain Inventory of Authorized Software
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.04 Deploy Automated Operating System Patch Management Tools
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.04 Deploy Automated Operating System Patch Management Tools
CIS > Controls v7 > 08 Malware Defenses > 8.02 Ensure AntiMalware Software and Signatures are Updated
CIS > Controls v7 > 08 Malware Defenses > 8.02 Ensure AntiMalware Software and Signatures are Updated
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
Azure > CIS v1 > 8 Other Security Considerations > 8.04 Ensure the key vault is recoverable (Scored)
CIS > Controls v7 > 10 Data Recovery Capabilities
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 07 Email and Web Browser Protections
CIS > Controls v7 > 07 Email and Web Browser Protections
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 16 Account Monitoring and Control > 16.02 Configure Centralized Point of Authentication
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.02 Ensure Software is Supported by Vendor
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.02 Ensure Software is Supported by Vendor
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.02 Ensure Software is Supported by Vendor
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.02 Ensure Software is Supported by Vendor
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.02 Ensure Software is Supported by Vendor
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.05 Use Multifactor Authentication For All Administrative Access
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.05 Use Multifactor Authentication For All Administrative Access
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.08 Disable Any Unassociated Accounts
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 02 Inventory and Control of Software Assets
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges
CIS > Controls v7 > 13 Data Protection
CIS > Controls v7 > 13 Data Protection
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.06 Protect Information through Access Control Lists
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.06 Protect Information through Access Control Lists
CIS > Controls v7 > 13 Data Protection
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.08 Encrypt Sensitive Information at Rest
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.01 Maintain Inventory of Authorized Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.01 Maintain Inventory of Authorized Software
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.04 Deploy Automated Operating System Patch Management Tools
CIS > Controls v7 > 03 Continuous Vulnerability Management > 3.04 Deploy Automated Operating System Patch Management Tools
CIS > Controls v7 > 08 Malware Defenses > 8.02 Ensure AntiMalware Software and Signatures are Updated
CIS > Controls v7 > 08 Malware Defenses > 8.02 Ensure AntiMalware Software and Signatures are Updated
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 16 Account Monitoring and Control
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS > Controls v7 > 10 Data Recovery Capabilities
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know
CIS
CIS > Controls v7 > 05 Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers > 5.01 Establish Secure Configurations
CIS > Controls v7 > 05 Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers > 5.01 Establish Secure Configurations
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.05 Use Multifactor Authentication For All Administrative Access
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.05 Use Multifactor Authentication For All Administrative Access
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 11 Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches > 11.01 Maintain Standard Security Configurations for Network Devices
CIS > Controls v7 > 12 Boundary Defense > 12.01 Maintain an Inventory of Network Boundaries
CIS > Controls v7 > 12 Boundary Defense > 12.01 Maintain an Inventory of Network Boundaries
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.08 Disable Any Unassociated Accounts
CIS > Controls v7 > 16 Account Monitoring and Control > 16.08 Disable Any Unassociated Accounts
CIS > Controls v7 > 16 Account Monitoring and Control > 16.08 Disable Any Unassociated Accounts
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.03 Require Multi-factor Authentication
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.04 Use Unique Passwords
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.04 Use Unique Passwords
CIS > Controls v7 > 16 Account Monitoring and Control > 16.10 Ensure All Accounts Have An Expiration Date
CIS > Controls v7 > 16 Account Monitoring and Control > 16.10 Ensure All Accounts Have An Expiration Date
CIS > Controls v7 > 16 Account Monitoring and Control > 16.02 Configure Centralized Point of Authentication
CIS > Controls v7 > 16 Account Monitoring and Control > 16.02 Configure Centralized Point of Authentication
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.08 Log and Alert on Changes to Administrative Group Membership
CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.08 Log and Alert on Changes to Administrative Group Membership
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.06 Address Unapproved Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.06 Address Unapproved Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.06 Address Unapproved Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.06 Address Unapproved Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.06 Address Unapproved Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.06 Address Unapproved Software
CIS > Controls v7 > 02 Inventory and Control of Software Assets > 2.06 Address Unapproved Software
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.06 Protect Information through Access Control Lists
CIS > Controls v7 > 14 Controlled Access Based on the Need to Know > 14.06 Protect Information through Access Control Lists
to
of
Page
of