Ensure that appropriate contact information, in this case one or more email addresses, is set for the administrator who should be notified when Azure Security Center detects compromised resources within your Microsoft Azure cloud account. The contact information is used by Microsoft to contact your account administrator if the Microsoft Security Response Center (MSRC) discovers that your cloud resources and/or data has been accessed by an unauthorized actor or system.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
Azure Security Center strongly recommends that you provide at least one valid security contact email address for each Microsoft Azure subscription that you own. Security Center reaches out to the designated administrator using the defined security contact in case the Microsoft security team finds that your Azure cloud resources are compromised. This ensures that the right people become aware of the potential security risks found in order to mitigate these risk in a timely manner.
Audit
To determine if security contact email addresses are defined within Azure Security Center settings, perform the following actions:
Remediation / Resolution
To set security contact email addresses in order to be notified when Azure Security Center detects compromised resources within your Azure cloud account, perform the following actions:
References
- Azure Official Documentation
- Working with security policies
- Provide security contact details in Azure Security Center
- CIS Microsoft Azure Foundations
- Azure Command Line Interface (CLI) Documentation
- az
- az account get-access-token
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
Security Contact Emails In Use
Risk level: Medium