Severity : High
Description : .
Remediation Steps : Install endpoint protection on all virtual machines.
Description: This control ensures that Endpoint protection extension is installed on virtual machines. Endpoint protection prevents the Vm from commonly known and reported attacks. Installing endpoint protection systems provides for real-time protection capabilities that help identify and remove viruses, spyware, and other malicious software, with configurable alerts for malicious or unwanted software.
Remediation Steps:
...
Perform following to update parameters:
Login to Azure Portal using https://portal.azure.com.
Go to Virtual Machines.
Click VM instance to configure Endpoint Protection.
Select Extensions , Click on Add.
Select Microsoft Anti-malware, Click Create.
Provide location and other data as required.
Click OK.
Important:
Reference:
CIS Microsoft Azure Foundations Benchmark v1.3.0 - 02-01-2021 : Recommendation #7.6
https://docs.microsoft.com/en-us/azure/security/fundamentals/antimalware