compliance controls are associated with this Policy definition 'Correlate Vulnerability scan information' (e3905a3c-97e7-0b4f-15fb-465c0927536f)
Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
CIS_Azure_1.3.0 |
4.2.4 |
CIS_Azure_1.3.0_4.2.4 |
CIS Microsoft Azure Foundations Benchmark recommendation 4.2.4 |
4 Database Services |
Ensure that VA setting Send scan reports to is configured for a SQL server |
Shared |
The customer is responsible for implementing this recommendation. |
Configure 'Send scan reports to' with email ids of concerned data owners/stakeholders for a critical SQL servers. |
link |
3 |
CIS_Azure_1.3.0 |
4.2.5 |
CIS_Azure_1.3.0_4.2.5 |
CIS Microsoft Azure Foundations Benchmark recommendation 4.2.5 |
4 Database Services |
Ensure that VA setting 'Also send email notifications to admins and subscription owners' is set for a SQL server |
Shared |
The customer is responsible for implementing this recommendation. |
Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'. |
link |
3 |
CIS_Azure_1.4.0 |
4.2.4 |
CIS_Azure_1.4.0_4.2.4 |
CIS Microsoft Azure Foundations Benchmark recommendation 4.2.4 |
4 Database Services |
Ensure that VA setting 'Send scan reports to' is configured for a SQL server |
Shared |
The customer is responsible for implementing this recommendation. |
Configure 'Send scan reports to' with email ids of concerned data owners/stakeholders for a critical SQL servers. |
link |
3 |
CIS_Azure_1.4.0 |
4.2.5 |
CIS_Azure_1.4.0_4.2.5 |
CIS Microsoft Azure Foundations Benchmark recommendation 4.2.5 |
4 Database Services |
Ensure that Vulnerability Assessment Setting 'Also send email notifications to admins and subscription owners' is Set for Each SQL Server |
Shared |
The customer is responsible for implementing this recommendation. |
Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'. |
link |
3 |
CIS_Azure_2.0.0 |
4.2.4 |
CIS_Azure_2.0.0_4.2.4 |
CIS Microsoft Azure Foundations Benchmark recommendation 4.2.4 |
4.2 |
Ensure that Vulnerability Assessment (VA) setting 'Send scan reports to' is configured for a SQL server |
Shared |
Enabling the `Microsoft Defender for SQL` features will incur additional costs for each SQL server. |
Configure 'Send scan reports to' with email addresses of concerned data owners/stakeholders for a critical SQL servers.
Vulnerability Assessment (VA) scan reports and alerts will be sent to email addresses configured at 'Send scan reports to'. This may help in reducing time required for identifying risks and taking corrective measures. |
link |
4 |
CIS_Azure_2.0.0 |
4.2.5 |
CIS_Azure_2.0.0_4.2.5 |
CIS Microsoft Azure Foundations Benchmark recommendation 4.2.5 |
4.2 |
Ensure that Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners' is set for each SQL Server |
Shared |
Enabling the `Microsoft Defender for SQL` features will incur additional costs for each SQL server. |
Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'.
VA scan reports and alerts will be sent to admins and subscription owners by enabling setting 'Also send email notifications to admins and subscription owners'. This may help in reducing time required for identifying risks and taking corrective measures. |
link |
5 |
FedRAMP_High_R4 |
RA-5(10) |
FedRAMP_High_R4_RA-5(10) |
FedRAMP High RA-5 (10) |
Risk Assessment |
Correlate Scanning Information |
Shared |
n/a |
The organization correlates the output from vulnerability scanning tools to determine the presence of multi-vulnerability/multi-hop attack vectors. |
link |
1 |
NIST_SP_800-53_R4 |
RA-5(10) |
NIST_SP_800-53_R4_RA-5(10) |
NIST SP 800-53 Rev. 4 RA-5 (10) |
Risk Assessment |
Correlate Scanning Information |
Shared |
n/a |
The organization correlates the output from vulnerability scanning tools to determine the presence of multi-vulnerability/multi-hop attack vectors. |
link |
1 |
NIST_SP_800-53_R5 |
RA-5(10) |
NIST_SP_800-53_R5_RA-5(10) |
NIST SP 800-53 Rev. 5 RA-5 (10) |
Risk Assessment |
Correlate Scanning Information |
Shared |
n/a |
Correlate the output from vulnerability scanning tools to determine the presence of multi-vulnerability and multi-hop attack vectors. |
link |
1 |
|
op.exp.2 Security configuration |
op.exp.2 Security configuration |
404 not found |
|
|
|
n/a |
n/a |
|
112 |
|
op.exp.3 Security configuration management |
op.exp.3 Security configuration management |
404 not found |
|
|
|
n/a |
n/a |
|
123 |
|
op.exp.4 Security maintenance and updates |
op.exp.4 Security maintenance and updates |
404 not found |
|
|
|
n/a |
n/a |
|
78 |
|
op.exp.5 Change management |
op.exp.5 Change management |
404 not found |
|
|
|
n/a |
n/a |
|
71 |
|
op.mon.3 Monitoring |
op.mon.3 Monitoring |
404 not found |
|
|
|
n/a |
n/a |
|
51 |
SWIFT_CSCF_v2022 |
2.2 |
SWIFT_CSCF_v2022_2.2 |
SWIFT CSCF v2022 2.2 |
2. Reduce Attack Surface and Vulnerabilities |
Minimise the occurrence of known technical vulnerabilities on operator PCs and within the local SWIFT infrastructure by ensuring vendor support, applying mandatory software updates, and applying timely security updates aligned to the assessed risk. |
Shared |
n/a |
All hardware and software inside the secure zone and on operator PCs are within the support life cycle of the vendor, have been upgraded with mandatory software updates, and have had security updates promptly applied. |
link |
11 |
SWIFT_CSCF_v2022 |
2.7 |
SWIFT_CSCF_v2022_2.7 |
SWIFT CSCF v2022 2.7 |
2. Reduce Attack Surface and Vulnerabilities |
Identify known vulnerabilities within the local SWIFT environment by implementing a regular vulnerability scanning process and act upon results. |
Shared |
n/a |
Secure zone (including dedicated operator PC) systems are scanned for vulnerabilities using an up-to-date, reputable scanning tool and results are considered for appropriate resolving actions. |
link |
14 |
SWIFT_CSCF_v2022 |
6.1 |
SWIFT_CSCF_v2022_6.1 |
SWIFT CSCF v2022 6.1 |
6. Detect Anomalous Activity to Systems or Transaction Records |
Ensure that local SWIFT infrastructure is protected against malware and act upon results. |
Shared |
n/a |
Anti-malware software from a reputable vendor is installed, kept up-to-date on all systems, and results are considered for appropriate resolving actions. |
link |
29 |