last sync: 2024-Jun-14 18:20:16 UTC

Correlate Vulnerability scan information | Regulatory Compliance - Documentation

Azure BuiltIn Policy definition

Source Azure Portal
Display name Correlate Vulnerability scan information
Id e3905a3c-97e7-0b4f-15fb-465c0927536f
Version 1.1.1
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1558 - Correlate Vulnerability scan information
Additional metadata Name/Id: CMA_C1558 / CMA_C1558
Category: Documentation
Title: Correlate Vulnerability scan information
Ownership: Customer
Description: The customer is responsible for correlating vulnerability scanning information to determine the presence of multi-vulnerability/multi-hop attack vectors.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 17 compliance controls are associated with this Policy definition 'Correlate Vulnerability scan information' (e3905a3c-97e7-0b4f-15fb-465c0927536f)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CIS_Azure_1.3.0 4.2.4 CIS_Azure_1.3.0_4.2.4 CIS Microsoft Azure Foundations Benchmark recommendation 4.2.4 4 Database Services Ensure that VA setting Send scan reports to is configured for a SQL server Shared The customer is responsible for implementing this recommendation. Configure 'Send scan reports to' with email ids of concerned data owners/stakeholders for a critical SQL servers. link 3
CIS_Azure_1.3.0 4.2.5 CIS_Azure_1.3.0_4.2.5 CIS Microsoft Azure Foundations Benchmark recommendation 4.2.5 4 Database Services Ensure that VA setting 'Also send email notifications to admins and subscription owners' is set for a SQL server Shared The customer is responsible for implementing this recommendation. Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'. link 3
CIS_Azure_1.4.0 4.2.4 CIS_Azure_1.4.0_4.2.4 CIS Microsoft Azure Foundations Benchmark recommendation 4.2.4 4 Database Services Ensure that VA setting 'Send scan reports to' is configured for a SQL server Shared The customer is responsible for implementing this recommendation. Configure 'Send scan reports to' with email ids of concerned data owners/stakeholders for a critical SQL servers. link 3
CIS_Azure_1.4.0 4.2.5 CIS_Azure_1.4.0_4.2.5 CIS Microsoft Azure Foundations Benchmark recommendation 4.2.5 4 Database Services Ensure that Vulnerability Assessment Setting 'Also send email notifications to admins and subscription owners' is Set for Each SQL Server Shared The customer is responsible for implementing this recommendation. Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'. link 3
CIS_Azure_2.0.0 4.2.4 CIS_Azure_2.0.0_4.2.4 CIS Microsoft Azure Foundations Benchmark recommendation 4.2.4 4.2 Ensure that Vulnerability Assessment (VA) setting 'Send scan reports to' is configured for a SQL server Shared Enabling the `Microsoft Defender for SQL` features will incur additional costs for each SQL server. Configure 'Send scan reports to' with email addresses of concerned data owners/stakeholders for a critical SQL servers. Vulnerability Assessment (VA) scan reports and alerts will be sent to email addresses configured at 'Send scan reports to'. This may help in reducing time required for identifying risks and taking corrective measures. link 4
CIS_Azure_2.0.0 4.2.5 CIS_Azure_2.0.0_4.2.5 CIS Microsoft Azure Foundations Benchmark recommendation 4.2.5 4.2 Ensure that Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners' is set for each SQL Server Shared Enabling the `Microsoft Defender for SQL` features will incur additional costs for each SQL server. Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'. VA scan reports and alerts will be sent to admins and subscription owners by enabling setting 'Also send email notifications to admins and subscription owners'. This may help in reducing time required for identifying risks and taking corrective measures. link 5
FedRAMP_High_R4 RA-5(10) FedRAMP_High_R4_RA-5(10) FedRAMP High RA-5 (10) Risk Assessment Correlate Scanning Information Shared n/a The organization correlates the output from vulnerability scanning tools to determine the presence of multi-vulnerability/multi-hop attack vectors. link 1
NIST_SP_800-53_R4 RA-5(10) NIST_SP_800-53_R4_RA-5(10) NIST SP 800-53 Rev. 4 RA-5 (10) Risk Assessment Correlate Scanning Information Shared n/a The organization correlates the output from vulnerability scanning tools to determine the presence of multi-vulnerability/multi-hop attack vectors. link 1
NIST_SP_800-53_R5 RA-5(10) NIST_SP_800-53_R5_RA-5(10) NIST SP 800-53 Rev. 5 RA-5 (10) Risk Assessment Correlate Scanning Information Shared n/a Correlate the output from vulnerability scanning tools to determine the presence of multi-vulnerability and multi-hop attack vectors. link 1
op.exp.2 Security configuration op.exp.2 Security configuration 404 not found n/a n/a 112
op.exp.3 Security configuration management op.exp.3 Security configuration management 404 not found n/a n/a 123
op.exp.4 Security maintenance and updates op.exp.4 Security maintenance and updates 404 not found n/a n/a 78
op.exp.5 Change management op.exp.5 Change management 404 not found n/a n/a 71
op.mon.3 Monitoring op.mon.3 Monitoring 404 not found n/a n/a 51
SWIFT_CSCF_v2022 2.2 SWIFT_CSCF_v2022_2.2 SWIFT CSCF v2022 2.2 2. Reduce Attack Surface and Vulnerabilities Minimise the occurrence of known technical vulnerabilities on operator PCs and within the local SWIFT infrastructure by ensuring vendor support, applying mandatory software updates, and applying timely security updates aligned to the assessed risk. Shared n/a All hardware and software inside the secure zone and on operator PCs are within the support life cycle of the vendor, have been upgraded with mandatory software updates, and have had security updates promptly applied. link 11
SWIFT_CSCF_v2022 2.7 SWIFT_CSCF_v2022_2.7 SWIFT CSCF v2022 2.7 2. Reduce Attack Surface and Vulnerabilities Identify known vulnerabilities within the local SWIFT environment by implementing a regular vulnerability scanning process and act upon results. Shared n/a Secure zone (including dedicated operator PC) systems are scanned for vulnerabilities using an up-to-date, reputable scanning tool and results are considered for appropriate resolving actions. link 16
SWIFT_CSCF_v2022 6.1 SWIFT_CSCF_v2022_6.1 SWIFT CSCF v2022 6.1 6. Detect Anomalous Activity to Systems or Transaction Records Ensure that local SWIFT infrastructure is protected against malware and act upon results. Shared n/a Anti-malware software from a reputable vendor is installed, kept up-to-date on all systems, and results are considered for appropriate resolving actions. link 31
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
CIS Microsoft Azure Foundations Benchmark v1.3.0 612b5213-9160-4969-8578-1518bd2a000c Regulatory Compliance GA BuiltIn
CIS Microsoft Azure Foundations Benchmark v1.4.0 c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 Regulatory Compliance GA BuiltIn
CIS Microsoft Azure Foundations Benchmark v2.0.0 06f19060-9e68-4070-92ca-f15cc126059e Regulatory Compliance GA BuiltIn
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
SWIFT CSP-CSCF v2022 7bc7cd6c-4114-ff31-3cac-59be3157596d Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-10-21 16:42:13 change Patch (1.1.0 > 1.1.1)
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-02 16:33:37 add e3905a3c-97e7-0b4f-15fb-465c0927536f
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC