AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Deploy Defender for Storage (Classic) on storage accounts

Azure BuiltIn Policy definition

Source Azure Portal
Display name Deploy Defender for Storage (Classic) on storage accounts
Id 361c2074-3595-4e5d-8cab-4f21dffc835c
Version 1.0.1
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.1
Built-in Versioning [Preview]
Category Storage
Microsoft Learn
Description This policy enables Defender for Storage (Classic) on storage accounts.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Security Admin fb1c8493-542b-48eb-b624-b4c8fea62acd
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/advancedThreatProtectionSettings/isEnabled Microsoft.Security advancedThreatProtectionSettings properties.isEnabled True False
Rule resource types IF (1)
Microsoft.Storage/storageAccounts
Compliance
The following 3 compliance controls are associated with this Policy definition 'Deploy Defender for Storage (Classic) on storage accounts' (361c2074-3595-4e5d-8cab-4f21dffc835c)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CMMC_L3 IR.2.093 CMMC_L3_IR.2.093 CMMC L3 IR.2.093 Incident Response Detect and report events. Shared Microsoft and the customer share responsibilities for implementing this requirement. The monitoring, identification, and reporting of events are the foundation for incident identification and commence the incident life cycle. Events potentially affect the productivity of organizational assets and, in turn, associated services. These events must be captured and analyzed so that the organization can determine whether an event will become (or has become) an incident that requires organizational action. The extent to which an organization can identify events improves its ability to manage and control incidents and their potential effects. link 18
op.exp.6 Protection against harmful code op.exp.6 Protection against harmful code 404 not found n/a n/a 63
RMiT_v1.0 11.5 RMiT_v1.0_11.5 RMiT 11.5 Cybersecurity Operations Cybersecurity Operations - 11.5 Shared n/a A financial institution must establish clear responsibilities for cybersecurity operations which shall include implementing appropriate mitigating measures in the financial institution's conduct of business that correspond to the following phases of the cyber-attack lifecycle: (a) reconnaisance; (b) weaponisation; (c) delivery; (d) exploitation; (e) installation; (f) command and control; and (g) exfiltration. (harvest data) link 6
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance GA BuiltIn
Enforce recommended guardrails for Storage Account Enforce-Guardrails-Storage Storage GA ALZ
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-03-31 17:44:15 change Patch (1.0.0 > 1.0.1)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC