Azure-StorageAccounts-Log-Storage-Encryption
Severity : High
Description : Storage accounts can be configured to encrypt data-at-rest. By default Azure will create a set of keys to encrypt the storage account, but the recommended approach is to create your own keys using Azure Key Vault.
Remediation Steps : Ensure the Storage Account used by Activity Logs is configured with a BYOK key.
Blue Hexagon Proprietary