All OS boot components (boot loader, kernel, kernel drivers) must be signed by trusted publishers. Defender for Cloud has identified untrusted OS boot components on one or more of your Linux machines. To protect your machines from potentially malicious components, add them to your allow list or remove the identified components.
The following 1 compliance control is associated with this Policy definition '[Preview]: Linux virtual machines should use only signed and trusted boot components' (13a6c84f-49a5-410a-b5df-5b880c3fe009):
Audit and enforce secure configurations for compute resources
Continuously monitor and alert when there is a deviation from the defined configuration baseline in your compute resources. Enforce the desired configuration according to the baseline configuration by denying the non-compliant configuration or deploying a configuration in compute resources.
Use Microsoft Defender for Cloud and the Azure Policy guest configuration agent to regularly assess and remediate configuration deviations on your Azure compute resources, including VMs, containers, and others. In addition, you can use Azure Resource Manager templates, custom operating system images, or Azure Automation State Configuration to maintain the security configuration of the operating system. Microsoft VM templates in conjunction with Azure Automation State Configuration can assist in meeting and maintaining security requirements.
Note: Azure Marketplace VM images published by Microsoft are managed and maintained by Microsoft.
**Implementation and additional context:**
How to implement Microsoft Defender for Cloud vulnerability assessment recommendations:
How to create an Azure virtual machine from an ARM template:
Azure Automation State Configuration overview:
Create a Windows virtual machine in the Azure portal:
Container security in Microsoft Defender for Cloud: