Resource Type: Azure > Security Center > Security Center
The Security Center resource type allows users to strengthen their security posture and protect against threats, by providing visibility into security state, detecting potential threats, and helping to quickly remediate them.
Resource Context
Security Center is a part of the Security Center service.
Each Security Center lives under a Subscription.
Controls
The primary controls for Azure > Security Center > Security Center are:
It is also targeted by these controls:
- Azure > CIS v1 > 2 Security Center > 2.01 Ensure that standard pricing tier is selected (Scored)
- Azure > CIS v1 > 2 Security Center > 2.02 Ensure that "Automatic provisioning of monitoring agent" is set to "On" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.03 Ensure ASC Default policy setting "Monitor System Updates" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.04 Ensure ASC Default policy setting "Monitor OS Vulnerabilities" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.05 Ensure ASC Default policy setting "Monitor Endpoint Protection" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.06 Ensure ASC Default policy setting "Monitor Disk Encryption" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.07 Ensure ASC Default policy setting "Monitor Network Security Groups" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.08 Ensure ASC Default policy setting "Monitor Web Application Firewall" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.09 Ensure ASC Default policy setting "Enable Next Generation Firewall(NGFW) Monitoring" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.10 Ensure ASC Default policy setting "Monitor Vulnerability Assessment" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.11 Ensure ASC Default policy setting "Monitor Storage Blob Encryption" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.12 Ensure ASC Default policy setting "Monitor JIT Network Access" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.13 Ensure ASC Default policy setting "Monitor Adaptive Application Whitelisting" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.14 Ensure ASC Default policy setting "Monitor SQL Auditing" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.15 Ensure ASC Default policy setting "Monitor SQL Encryption" is not "Disabled" (Scored)
- Azure > CIS v1 > 2 Security Center > 2.16 Ensure that 'Security contact emails' is set (Scored)
- Azure > CIS v1 > 2 Security Center > 2.17 Ensure that security contact 'Phone number' is set (Scored)
- Azure > CIS v1 > 2 Security Center > 2.18 Ensure that 'Send email notification for high severity alerts' is set to 'On' (Scored)
- Azure > CIS v1 > 2 Security Center > 2.19 Ensure that 'Send email also to subscription owners' is set to 'On' (Scored)
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.01 - Ensure That Microsoft Defender for Servers Is Set to 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.02 - Ensure That Microsoft Defender for App Services Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.03 - Ensure That Microsoft Defender for Databases Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.04 - Ensure That Microsoft Defender for Azure SQL Databases Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.05 - Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.06 - Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.07 - Ensure That Microsoft Defender for Storage Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.08 - Ensure That Microsoft Defender for Containers Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.09 - Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.10 - Ensure That Microsoft Defender for Key Vault Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.11 - Ensure That Microsoft Defender for DNS Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.12 - Ensure That Microsoft Defender for Resource Manager Is Set To 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.13 - Ensure that Microsoft Defender Recommendation for 'Apply system updates' status is 'Completed'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.14 - Ensure Any of the ASC Default Policy Settings are Not Set to 'Disabled'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.15 - Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.16 - Ensure that Auto provisioning of 'Vulnerability assessment for machines' is Set to 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.17 - Ensure that Auto provisioning of 'Microsoft Defender for Containers components' is Set to 'On'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.18 - Ensure That 'All users with the following roles' is set to 'Owner'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.19 - Ensure 'Additional email addresses' is Configured with a Security Contact Email
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.20 - Ensure That 'Notify about alerts with the following severity' is Set to 'High'
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.21 - Ensure that Microsoft Defender for Cloud Apps integration with Microsoft Defender for Cloud is Selected
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.01 - Microsoft Defender for Cloud > 2.01.22 - Ensure that Microsoft Defender for Endpoint integration with Microsoft Defender for Cloud is selected
- Azure > CIS v2.0 > 02 - Microsoft Defender > 2.02 - Microsoft Defender for IoT > 2.02.01 - Ensure That Microsoft Defender for IoT Hub Is Set To 'On'
Category
In Your Workspace
- Controls by Resource Type report
- Policy Settings by Resource Type report
- Resources by Resource Type report
Developers
- tmod:@turbot/azure-securitycenter#/resource/types/securityCenter
- tmod:@turbot/turbot#/resource/categories/security
- turbot graphql resource --id "tmod:@turbot/azure-securitycenter#/resource/types/securityCenter"
Get Resource- select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/azure-securitycenter#/resource/types/securityCenter';
- select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/azure-securitycenter#/resource/types/securityCenter"';
- select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/azure-securitycenter#/resource/types/securityCenter' and notification_type in ('resource_updated', 'resource_created');
Get ResourceGet Policy Settings (By Resource ID)Get Resource Notification
Resource Type URI
Category URI
GraphQL
CLI
Steampipe Query