AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

Microsoft Managed Control 1716 - Software & Information Integrity | Integration Of Detection And Response | Regulatory Compliance - System and Information Integrity

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Microsoft Managed Control 1716 - Software & Information Integrity | Integration Of Detection And Response

e54c325e-42a0-4dcf-b105-046e0f6f590f

Version

1.0.1
Details on versioning

Category

Regulatory Compliance
Microsoft Learn

Description

Microsoft implements this System and Information Integrity control

Additional metadata

Name/Id: ACF1716 / Microsoft Managed Control 1716
Category: System and Information Integrity
Title: Software & Information Integrity | Integration Of Detection And Response
Ownership: Customer, Microsoft
Description: The organization incorporates the detection of unauthorized changes to operating system files, installation of software, privilege elevation into the organizational incident response capability.
Requirements: Azure utilizes Azure Security Pack (AzSecPack) monitoring via Azure System Lockdown (AzSysLock) for unexpected running software - to alert on and in some cases block unsigned code from running in the environment. This is defined as any software that is not signed per the appropriate signing certificates. AzSysLock sends alerts for service teams that are not properly using AppLocker and Code Integrity. Additionally, for services running with AzSysLock in enforcement mode, which is currently an opt-in feature of AzSecPack, the binary does not run if it is not signed. Alerts for unsigned binaries running are created to service owners as a Severity 2 incident per Azure CEN. In addition, for servers, AzSecPack alerts on critical baseline changes. For network devices, the Config Policy Verifier (CPV) and Config Change Reporter (CCR) alerts on any changes not tied to a work ticket.

Mode

Indexed

Type

Static

Preview

False

Deprecated

False

Effect

Fixed
audit

RBAC role(s)

none

Rule aliases

none

Rule resource types

IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups

Compliance

The following 2 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1716 - Software & Information Integrity | Integration Of Detection And Response' (e54c325e-42a0-4dcf-b105-046e0f6f590f)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
	op.exp.2 Security configuration	op.exp.2 Security configuration	404 not found				n/a	n/a		112
	op.exp.3 Security configuration management	op.exp.3 Security configuration management	404 not found				n/a	n/a		123

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
Spain ENS	175daf90-21e1-4fec-b745-7b4c909aa94c	Regulatory Compliance	GA	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-04-01 20:29:14	change	Patch (1.0.0 > 1.0.1)

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC