Ensure that the monitoring of the adaptive application controls is enabled within your Microsoft Azure cloud account so that Azure Security Center can determine if Adaptive Application Control feature is enabled for eligible virtual machines (VMs). Adaptive Application Control is an automated application safelisting solution provided by Azure Security Center, that helps you deal with malicious and/or unauthorized software, by allowing only specific applications to run on your Azure and non-Azure VMs (using both Windows and Linux).
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
When "Monitor Adaptive Application Controls" feature is enabled within your Microsoft Azure account, it delegates Azure Security Center to scan for adaptive application controls that enables you to control which applications can run on your eligible virtual machines and helps you harden your VMs against malware.
Audit
To determine if adaptive application safelisting monitoring is enabled within Azure Security Center, perform the following actions:
Remediation / Resolution
To enable "Monitor Adaptive Application Controls" feature for your Microsoft Azure virtual machines (VMs), perform the following actions:
References
- Azure Official Documentation
- Working with security policies
- Adaptive application controls in Azure Security Center
- CIS Microsoft Azure Foundations
- Azure Command Line Interface (CLI) Documentation
- az
- az account get-access-token
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
Enable Adaptive Application Safelisting Monitoring
Risk level: Medium