last sync: 2024-May-24 18:03:04 UTC

Microsoft Managed Control 1716 - Software & Information Integrity | Integration Of Detection And Response | Regulatory Compliance - System and Information Integrity

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1716 - Software & Information Integrity | Integration Of Detection And Response
Id e54c325e-42a0-4dcf-b105-046e0f6f590f
Version 1.0.1
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this System and Information Integrity control
Additional metadata Name/Id: ACF1716 / Microsoft Managed Control 1716
Category: System and Information Integrity
Title: Software & Information Integrity | Integration Of Detection And Response
Ownership: Customer, Microsoft
Description: The organization incorporates the detection of unauthorized changes to operating system files, installation of software, privilege elevation into the organizational incident response capability.
Requirements: Azure utilizes Azure Security Pack (AzSecPack) monitoring via Azure System Lockdown (AzSysLock) for unexpected running software - to alert on and in some cases block unsigned code from running in the environment. This is defined as any software that is not signed per the appropriate signing certificates. AzSysLock sends alerts for service teams that are not properly using AppLocker and Code Integrity. Additionally, for services running with AzSysLock in enforcement mode, which is currently an opt-in feature of AzSecPack, the binary does not run if it is not signed. Alerts for unsigned binaries running are created to service owners as a Severity 2 incident per Azure CEN. In addition, for servers, AzSecPack alerts on critical baseline changes. For network devices, the Config Policy Verifier (CPV) and Config Change Reporter (CCR) alerts on any changes not tied to a work ticket.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance
The following 2 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1716 - Software & Information Integrity | Integration Of Detection And Response' (e54c325e-42a0-4dcf-b105-046e0f6f590f)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
op.exp.2 Security configuration op.exp.2 Security configuration 404 not found n/a n/a 112
op.exp.3 Security configuration management op.exp.3 Security configuration management 404 not found n/a n/a 123
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 change Patch (1.0.0 > 1.0.1)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC