Microsoft implements this Program Management control
Name/Id: ACF1740 / Microsoft Managed Control 1740 Category: Program Management Title: Information Security Measures Of Performance Ownership: Customer, Microsoft Description: The organization develops, monitors, and reports on the results of information security measures of performance. Requirements: Azure defines the safeguards as "standardized purchase orders, routine business reviews, performance metrics, and threat/risk/vulnerability analysis."
Azure Security correlates vulnerability scanning information with penetration test data and audit records to gain a more complete picture of potential exploits and to enhance the ability to detect inappropriate activity, should it occur. Additionally, Azure Security uses vulnerability scanning reports in conjunction with performance and system monitoring data to identify unusual activity. The compliance and accreditation Joint Test Team validates the effectiveness and efficiency of the information security program and security controls; This is then re-validated during self-testing and assessment events.
The Azure Security team combines the use of various sources of intelligence to aid incident investigation on as needed basis including the use of audit logging data, incident monitoring reports, vulnerability scan data, and penetration testing results. The correlation of this information is part of the identification phase of the incident management process and aids in discovering the presence of inappropriate activity in the Azure environment.
Rule resource types
IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups