| Source | Azure Portal | ||||||||||||||||||||||
| Display name | Microsoft Managed Control 1368 - Incident Handling | Correlation With External Organizations | ||||||||||||||||||||||
| Id | 465f32da-0ace-4603-8d1b-7be5a3a702de | ||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||||||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||||||||||||||||||
| Description | Microsoft implements this Incident Response control | ||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1368 / Microsoft Managed Control 1368 Category: Incident Response Title: Incident Handling | Correlation With External Organizations Ownership: Customer, Microsoft Description: The organization coordinates with US-CERT and incident handling teams for affected customers, DoD Cert, MSRC, Adobe, CISCO, CVE, and Qualys to correlate and share Relevant and critical incident handling data as defined in the Microsoft Azure Incident Response Plan to achieve a cross-organization perspective on incident awareness and more effective incident responses. Requirements: The Security Response Team identifies information appropriate to correlate and share with other incident handling teams for directly affected customers to achieve a wider perspective on incident awareness. Microsoft’s Threat Intelligence Team (MSTIC) coordinates with other external organizations to correlate and share this information. Microsoft also uses the MSRC Ecosystem Strategy government security program to coordinate with US-CERT and other national-level Computer Security Incident Response Team (CSIRTs). Microsoft coordinates and leverages various sources for incident awareness such as US-Cert/DoD Cert, MSRC, Adobe, Cisco, CVE, and Qualys. The Security Response Team coordinates and leverages various sources for incident awareness such as US-Cert/DoD Cert, MSRC, Adobe, CISCO, CVE, and Qualys. The Security Response Team utilizes a Microsoft incident reporting website ( |
||||||||||||||||||||||
| Mode | Indexed | ||||||||||||||||||||||
| Type | Static | ||||||||||||||||||||||
| Preview | False | ||||||||||||||||||||||
| Deprecated | False | ||||||||||||||||||||||
| Effect | Fixed audit |
||||||||||||||||||||||
| RBAC role(s) | none | ||||||||||||||||||||||
| Rule aliases | none | ||||||||||||||||||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||||||||||||||||||||||
| Compliance |
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1368 - Incident Handling | Correlation With External Organizations' (465f32da-0ace-4603-8d1b-7be5a3a702de)
| ||||||||||||||||||||||
| Initiatives usage |
|
||||||||||||||||||||||
| History | none | ||||||||||||||||||||||
| JSON compare | n/a | ||||||||||||||||||||||
| JSON |
|