The following 2 compliance controls are associated with this Policy definition '[Deprecated]: Monitor missing Endpoint Protection in Azure Security Center' (af6cd1bd-1635-48cb-bde7-5b15693900b9)
Use centrally managed modern anti-malware software
Customer
Use a centrally managed endpoint anti-malware solution capable of real time and periodic scanning
Azure Security Center can automatically identify the use of a number of popular anti-malware solutions for your virtual machines, report the endpoint protection running status, and make recommendations.
Microsoft Antimalware for Azure Cloud Services is the default anti-malware for Windows virtual machines (VMs). For Linux VMs, use a third-party antimalware solution. You can also use Azure Security Center's Threat detection for data services to detect malware uploaded to Azure Storage accounts.
How to configure Microsoft Antimalware for Cloud Services and Virtual Machines:
https://docs.microsoft.com/azure/security/fundamentals/antimalware
Supported endpoint protection solutions:
https://docs.microsoft.com/azure/security-center/security-center-services?tabs=features-windows#supported-endpoint-protection-solutions-
Ensure anti-malware software and signatures are updated
Customer
Ensure anti-malware signatures are updated rapidly and consistently.
Follow recommendations in Azure Security Center: "Compute & Apps" to ensure all endpoints are up to date with the latest signatures. Microsoft Antimalware will automatically install the latest signatures and engine updates by default. For Linux, use a third-party antimalware solution.
How to deploy Microsoft Antimalware for Azure Cloud Services and Virtual Machines: https://docs.microsoft.com/azure/security/fundamentals/antimalware
Endpoint protection assessment and recommendations in Azure Security Center: https://docs.microsoft.com/azure/security-center/security-center-endpoint-protection