Vulnerability management recommendations focus on continuously acquiring, assessing, and acting on new information in order to identify and remediate vulnerabilities, and on minimizing the window of opportunity for attackers.
| Azure ID | CIS IDs | Responsibility |
|---|---|---|
| 5.1 | 3.1, 3.2, 3.3 | Customer |
Follow recommendations from Azure Security Center on performing vulnerability assessments on your Azure virtual machines, container images, and SQL servers.
Use a third-party solution for performing vulnerability assessments on network devices and web applications. When conducting remote scans, do not use a single, perpetual, administrative account. Consider implementing JIT provisioning methodology for the scan account. Credentials for the scan account should be protected, monitored, and used only for vulnerability scanning.
| Azure ID | CIS IDs | Responsibility |
|---|---|---|
| 5.2 | 3.4 | Customer |
Use Azure "Update Management" to ensure the most recent security updates are installed on your Windows and Linux VMs. For Windows VMs, ensure Windows Update has been enabled and set to update automatically.
- How to configure Update Management for virtual machines in Azure
- Understand Azure security policies monitored by Security Center
| Azure ID | CIS IDs | Responsibility |
|---|---|---|
| 5.3 | 3.5 | Customer |
Use a third-party patch management solution. Customers already using System Center Configuration Manager in their environment may use System Center Updates Publisher, which lets them publish custom updates into Windows Server Update Services. This allows Update Management to patch third-party software on machines that use System Center Configuration Manager as their update repository.
| Azure ID | CIS IDs | Responsibility |
|---|---|---|
| 5.4 | 3.6 | Customer |
Export scan results at consistent intervals and compare the results to verify that vulnerabilities have been remediated. When using vulnerability management recommendations suggested by Azure Security Center, you may pivot into the selected solution's portal to view historical scan data.
| Azure ID | CIS IDs | Responsibility |
|---|---|---|
| 5.5 | 3.7 | Customer |
Use a common risk scoring program (for example, Common Vulnerability Scoring System) or the default risk ratings provided by your third-party scanning tool.
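Controls 5.4 and 5.5 together describe a back-to-back-scan comparison ranked by a common risk score. The following Python script is an added example, not part of the benchmark or of any Azure or third-party scanner, showing both steps on two constructed scan exports: it parses each export, classifies each finding as remediated, new, or persisting between the two snapshots, and orders every bucket by CVSS v3 base score with its qualitative rating. The simplified JSON shape, the asset names, and the `CVE-0000-000x` identifiers are all constructed placeholders; real scanner exports use their own schema, so `load_findings()` is the function to adapt.

```python
import json
from typing import Dict, List, Tuple

Finding = Dict[str, object]
Key = Tuple[str, str]  # (asset, vulnerability id) identifies one finding

# Constructed sample exports (placeholder data, not real scan output): two
# snapshots of the same environment taken one interval apart.
PREVIOUS_EXPORT = json.dumps([
    {"asset": "vm-web-01", "id": "CVE-0000-0001", "cvss": 9.8, "title": "constructed finding A"},
    {"asset": "vm-web-01", "id": "CVE-0000-0002", "cvss": 5.3, "title": "constructed finding B"},
    {"asset": "vm-db-01",  "id": "CVE-0000-0003", "cvss": 7.5, "title": "constructed finding C"},
])
CURRENT_EXPORT = json.dumps([
    {"asset": "vm-web-01", "id": "CVE-0000-0002", "cvss": 5.3, "title": "constructed finding B"},
    {"asset": "vm-db-01",  "id": "CVE-0000-0003", "cvss": 7.5, "title": "constructed finding C"},
    {"asset": "vm-db-01",  "id": "CVE-0000-0004", "cvss": 3.1, "title": "constructed finding D"},
])


def load_findings(export_json: str) -> Dict[Key, Finding]:
    """Parse one scan export and index its findings by (asset, vulnerability id).

    Adapt this function to the export schema of the scanner actually in use.
    """
    return {(item["asset"], item["id"]): item for item in json.loads(export_json)}


def severity(cvss: float) -> str:
    """Map a CVSS v3.x base score to its qualitative rating (None/Low/Medium/High/Critical)."""
    if cvss == 0.0:
        return "None"
    if cvss < 4.0:
        return "Low"
    if cvss < 7.0:
        return "Medium"
    if cvss < 9.0:
        return "High"
    return "Critical"


def prioritize(findings: List[Finding]) -> List[Finding]:
    """Order findings highest CVSS first; ties broken by asset and id for stable reports."""
    return sorted(findings, key=lambda f: (-float(f["cvss"]), str(f["asset"]), str(f["id"])))


def compare_scans(previous_json: str, current_json: str) -> Dict[str, List[Finding]]:
    """Classify findings between two consecutive exports.

    remediated: present before, absent now (verify the fix, do not just trust the scanner)
    new:        absent before, present now
    persisting: present in both (remediation overdue; escalate by severity)
    """
    previous = load_findings(previous_json)
    current = load_findings(current_json)
    remediated = [previous[k] for k in previous.keys() - current.keys()]
    new = [current[k] for k in current.keys() - previous.keys()]
    persisting = [current[k] for k in current.keys() & previous.keys()]
    return {
        "remediated": prioritize(remediated),
        "new": prioritize(new),
        "persisting": prioritize(persisting),
    }


def finding_keys(findings: List[Finding]) -> List[Key]:
    """Return the (asset, id) keys of a finding list, in list order."""
    return [(str(f["asset"]), str(f["id"])) for f in findings]


if __name__ == "__main__":
    result = compare_scans(PREVIOUS_EXPORT, CURRENT_EXPORT)
    for bucket, items in result.items():
        print(f"{bucket} ({len(items)}):")
        for f in items:
            print(f"  {severity(float(f['cvss'])):<8} {f['cvss']:>4}  {f['asset']:<10} {f['id']}")
```

In practice, run this against every pair of consecutive exports and treat the `persisting` bucket, ordered by severity, as the remediation backlog; a finding that appears in `remediated` should be confirmed against the patch or change record rather than closed on the scanner's word alone.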