Name/Id: ACF1553 / Microsoft Managed Control 1553 Category: Risk Assessment Title: Vulnerability Scanning | Breadth / Depth Of Coverage Ownership: Customer, Microsoft Description: The organization employs vulnerability scanning procedures that can identify the breadth and depth of coverage (i.e., information system components scanned and vulnerabilities checked). Requirements: To meet the appropriate breadth and depth of coverage, Azure utilizes vulnerability scanning tools to conduct authenticated scans of all asset types within the Azure security authorization boundary. Vulnerability scans of the Azure web applications and databases are conducted using vulnerability scanning tools with applicable web application and database plug-ins enabled. All scanning results are based on the latest plugins available to ensure all areas are covered in appropriate depth. In addition, for database instance scanning, appropriate tools are used to ensure database compliance checks are enabled.
Rule resource types
IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups