Severity: High
Description: This control ensures that 'Monitor missing Endpoint Protection in Azure Security Center' is enabled for at least one policy assignment with the policy definition "Enable Monitoring in Azure Security Center". When this setting is not disabled, Azure Security Center recommends that endpoint protection be provisioned for all Windows virtual machines to help identify and remove viruses, spyware, and other malicious software.
Remediation Steps:
Perform the following steps:
Log in to the Azure Portal at https://portal.azure.com.
Go to the Policy service.
On the Policy overview, click on Default/Custom Policy.
Click on Edit Assignments.
In the Basics menu, check that no exclusions have been added for the resource group.
Set Policy Enforcement to Enabled.
Go to Parameters and set Monitor missing Endpoint Protection in Azure Security Center to AuditIfNotExists.
Click Review + save.
Important:
Along with the ASC Default assignment, there could be custom policy assignments with the policy definition "Enable Monitoring in Azure Security Center". 'Monitor missing Endpoint Protection in Azure Security Center' should be enabled for at least one of these assignments.
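The checks from the remediation steps and the "at least one assignment" rule above can be run over the output of the policy assignments API. The script below is an added example, not part of the original control text. The parameter key `endpointProtectionMonitoringEffect`, the initiative id and the sample assignments are assumptions or constructed placeholders; replace them with the values from your own tenant.

```python
import json

# Assumptions (not from the original page): the parameter key, the initiative id
# and the default effect are placeholders; use the values from your own tenant.
EFFECT_PARAM = "endpointProtectionMonitoringEffect"
INITIATIVE_ID = "/providers/Microsoft.Authorization/policySetDefinitions/EXAMPLE-INITIATIVE"

def findings_for(assignment, default_effect="AuditIfNotExists"):
    """Return the reasons one assignment fails the control (empty list = passes)."""
    props = assignment.get("properties", {})
    findings = []
    if props.get("notScopes"):
        findings.append("exclusions present")
    if props.get("enforcementMode", "Default") != "Default":
        findings.append("policy enforcement not Enabled")
    # A parameter absent from the assignment falls back to the definition default.
    effect = props.get("parameters", {}).get(EFFECT_PARAM, {}).get("value", default_effect)
    if effect.lower() == "disabled":
        findings.append(EFFECT_PARAM + " is Disabled")
    return findings

def evaluate(assignments, initiative_id=INITIATIVE_ID):
    """Control passes when at least one assignment of the initiative has no findings."""
    report = {}
    for a in assignments:
        definition = a.get("properties", {}).get("policyDefinitionId", "")
        if definition.lower() == initiative_id.lower():
            report[a["name"]] = findings_for(a)
    return any(not f for f in report.values()), report

# Constructed sample shaped like a policy assignments list response.
SAMPLE = json.loads("""
{"value": [
  {"name": "SecurityCenterBuiltIn", "properties": {
     "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/EXAMPLE-INITIATIVE",
     "enforcementMode": "Default", "notScopes": [],
     "parameters": {"endpointProtectionMonitoringEffect": {"value": "Disabled"}}}},
  {"name": "custom-asc-monitoring", "properties": {
     "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/EXAMPLE-INITIATIVE",
     "enforcementMode": "Default", "notScopes": [],
     "parameters": {"endpointProtectionMonitoringEffect": {"value": "AuditIfNotExists"}}}},
  {"name": "unrelated-tagging", "properties": {
     "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/EXAMPLE-OTHER",
     "enforcementMode": "Default", "notScopes": []}}
]}
""")

if __name__ == "__main__":
    passed, report = evaluate(SAMPLE["value"])
    print("PASS" if passed else "FAIL", json.dumps(report, indent=2))
```

The per-assignment findings show which assignment to edit when the control fails; assignments of other definitions are ignored.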
Reference:
https://docs.microsoft.com/en-us/azure/security-center/security-center-policies
https://docs.microsoft.com/en-us/azure/security-center/security-center-install-endpoint-protection
https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/get
https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/create