The new Center for Internet Security (CIS) - Azure 1.4.0 Pack is a group of Insights that align with newly updated Azure CIS 1.4.0 Benchmarks. The CIS benchmarks provide prescriptive guidance for configuring security options for a subset of Azure Services with an emphasis on foundational, testable, and architecture agnostic settings.
InsightCloudSec provides our customers with various compliance packs that can help align with a variety of cybersecurity/compliance organizations and their requirements. It is important to note that while InsightCloudSec can offer support for a number of standards, none of the capabilities we offer, including our compliance packs, are intended to individually provide 100% adherence to any security standard.
Before you get started with any compliance packs, you will need to have the following:
- A functioning InsightCloudSec installation
- The appropriate permissions to apply this Compliance Pack to your desired infrastructure
- Familiarity with your organization’s compliance requirements
If you have questions about implementing this Compliance Pack or other general questions, reach out to us through the Customer Support Portal.
This new Compliance Pack currently includes 45 Insights that help customers align with CIS Benchmarks. The Azure CIS Benchmarks includes checks around issues like:
- Instance With Microsoft Defender Disabled
- Storage Containers Exposed To The Public
- Virtual Machine Endpoint Protection Extension Not Installed
- App Service Not Enforcing HTTPS
In addition, our subsequent releases will continue to update the pack as more filters and Insights are available. If you have specific questions on this capability or a supported Azure resource, reach out to us through the Customer Support Portal.
In addition, to explore more details around our automation capabilities, take a look at our documentation on BotFactory.
Updated 21 days ago