| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1171 - Penetration Testing | Independent Penetration Agent Or Team | ||
| Id | 6d4820bc-8b61-4982-9501-2123cb776c00 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Security Assessment and Authorization control | ||
| Additional metadata |
Name/Id: ACF1171 / Microsoft Managed Control 1171 Category: Security Assessment and Authorization Title: Penetration Testing | Independent Penetration Agent Or Team Ownership: Customer, Microsoft Description: The organization employs an independent penetration agent or penetration team to perform penetration testing on the information system or system components. Requirements: The Third Party Assessment Organization (3PAO) performs penetration testing on the information system at least annually. The Penetration Test Report covers Azure system components identified as part of the authorization boundary. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|