Microsoft implements this Security Assessment and Authorization control
Name/Id: ACF1165 / Microsoft Managed Control 1165
Category: Security Assessment and Authorization
Title: Continuous Monitoring - Findings Correlation And Analysis
Ownership: Customer, Microsoft
Description: The organization develops a continuous monitoring strategy and implements a continuous monitoring program that includes: Correlation and analysis of security-related information generated by assessments and monitoring;
Requirements: The Azure Continuous Monitoring team performs correlation and analysis of security-related information generated by assessments and monitoring, including vulnerability scan results, POA&M updates, and recurring control testing.
Vulnerabilities are assessed to determine whether they are actionable (i.e., requiring remediation), risk reduced, false positive, or risk accepted. Azure mitigates all discovered high-risk vulnerabilities within thirty (30) days, all moderate-risk vulnerabilities within ninety (90) days, and all low-risk vulnerabilities within one hundred and eighty (180) days. The results are summarized in the Continuous Monitoring Reports and are entered into the POA&M for tracking, if applicable.
Rule resource types
IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups