Sunday, December 3, 2023

Ensure Azure resource compliance for critical workloads with Azure Security Center Policies

Security and compliance are paramount in a zero-trust cloud environment. Azure Policy is one of the key controls Azure employs to achieve zero trust.

Azure Security Center monitors your resources against a set of policy initiatives, defined according to the Microsoft Cloud Security Benchmark.

By default, those policy initiatives are named ASC Default.













When navigating through a specific Azure Policy initiative, you can review the current compliance status.


We need to prioritize certain critical workloads, such as safeguarding sensitive information stored in an Azure SQL instance.

To check the compliance of a specific resource, such as our Azure SQL instance, there are various methods available. However, in this article, I'll focus on how to do it directly within Azure Policy.

Within the initiative compliance screen, you can easily navigate to non-compliant resources by clicking on the "Non-compliant resources" tab.




In this section, you can see all the resources that are not compliant with the Microsoft Cloud Security Benchmark.

You can specify the name of your resource or use filters to narrow your search.













Once you locate your resource, you can proceed to the resource compliance page to view which policies it is not compliant with.


This serves as an excellent starting point to secure your resources and enhance your cloud security posture.
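
As an added example (not part of the original post), the same per-resource check can be scripted over exported policy state records, such as the JSON returned by `az policy state list`. The records, reference IDs and assignment names below are constructed; only the field names follow Azure Policy's state output.

```python
from collections import defaultdict

# Constructed subscription and resource group, used only to build sample IDs.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-data"
SQL = SUB + "/providers/Microsoft.Sql/servers"

def state(resource_id, ref_id, compliance, assignment="asc-default-example"):
    """Build one policy state record with the fields this check needs."""
    return {"resourceId": resource_id, "policyDefinitionReferenceId": ref_id,
            "complianceState": compliance, "policyAssignmentName": assignment}

# Constructed records; reference IDs and assignment names are placeholders.
SAMPLE_STATES = [
    state(SQL + "/sql-prod", "sqlServerAuditing", "NonCompliant"),
    state(SQL + "/SQL-Prod", "sqlServerAuditing", "NonCompliant"),  # same resource, other casing
    state(SQL + "/sql-prod", "sqlAadAdmin", "NonCompliant"),
    state(SQL + "/sql-prod", "sqlPublicAccess", "Compliant"),
    state(SQL + "/sql-prod", "tagOwner", "NonCompliant", "tagging-example"),
    state(SQL + "/sql-prod-dr", "sqlServerAuditing", "NonCompliant"),
    state(SQL + "/sql-prod/databases/customers", "sqlDbTde", "NonCompliant"),
]

def non_compliant_policies(states, resource_name, assignment=None):
    """Map each matching resource ID to the sorted policies it fails.

    resource_name is compared with the last segment of the resource ID, so
    'sql-prod' does not also pull in 'sql-prod-dr' or its child databases.
    Resource IDs are case-insensitive in Azure, so they are lowercased.
    """
    findings = defaultdict(set)
    for s in states:
        rid = s.get("resourceId", "").rstrip("/").lower()
        if rid.rsplit("/", 1)[-1] != resource_name.lower():
            continue
        if s.get("complianceState", "").lower() != "noncompliant":
            continue
        if assignment and s.get("policyAssignmentName") != assignment:
            continue
        # A set collapses repeated evaluations of the same policy.
        findings[rid].add(s["policyDefinitionReferenceId"])
    return {rid: sorted(policies) for rid, policies in findings.items()}

if __name__ == "__main__":
    report = non_compliant_policies(SAMPLE_STATES, "sql-prod", "asc-default-example")
    for rid, policies in report.items():
        print(rid)
        for p in policies:
            print("  non-compliant:", p)
```

Passing the assignment name restricts the result to one initiative, mirroring the portal view where compliance is reviewed per initiative.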
