| Category | Id | DisplayName | Description | Change | Date (UTC ymd) (i) |
|---|---|---|---|---|---|
| Nexus | 336cb876-5cb8-4795-b9d1-bd9323d3487e | [Preview]: Nexus Compute Cluster Security Baseline | This initiative includes policies designed to reflect the security baseline expectations of Nexus Compute Clusters. It ensures that the cluster configurations adhere to specific security controls that are critical for maintaining a secure environment. |
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview) |
2025-07-16 17:22:33 |
| Regulatory Compliance | e0782c37-30da-4a78-9f92-50bfe7aa2553 | K ISMS P 2018 | K-ISMS-P establishes requirements for protecting personal data and securing information systems in South Korea. The framework establishes administrative, physical, and technical controls for data privacy and system security. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (47)
|
2025-07-10 17:22:37 |
| Regulatory Compliance | f9c0485f-da8e-43b5-961e-58ebd54b907c | DORA 2022 2554 | DORA establishes resilience standards for digital operations in the European Union (EU) financial sector. The regulation governs information and communication technology (ICT) risk, incident response, and third-party oversight. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (19)
|
2025-07-10 17:22:37 |
| Regulatory Compliance | 470a962c-86a0-433b-803a-3c176b5ce79c | CIS Azure Foundations v3.0.0 | CIS Azure Foundations 3.0 defines benchmark controls to improve cloud security in Microsoft Azure. The standard aligns with industry best practices for risk reduction and secure configurations. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (4)
|
2025-07-10 17:22:37 |
| Regulatory Compliance | 06f19060-9e68-4070-92ca-f15cc126059e | CIS Microsoft Azure Foundations Benchmark v2.0.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v2.0.0 controls. For more information, visit https://aka.ms/cisazure200-initiative |
change Version: Minor (1.5.0 > 1.6.0)
remove Policy (27)
|
2025-06-25 17:22:28 |
| Regulatory Compliance | f58a876c-ec25-417e-9634-58d2a93e3fe2 | NIST AI RMF v1.0 | NIST AI RMF provides guidance for managing AI risks across sectors. The framework promotes trustworthy, transparent, and responsible AI development and use. |
add Initiative
|
2025-06-25 17:22:28 |
| Regulatory Compliance | 1308bccf-446a-4283-a4e0-0c983fe7a572 | EU AI Act 2024 1689 | EU AI Act defines obligations for AI systems based on their risk to safety and fundamental rights. The regulation promotes transparency, oversight, and risk-based AI controls. |
add Initiative
|
2025-06-25 17:22:28 |
| Regulatory Compliance | 470a962c-86a0-433b-803a-3c176b5ce79c | CIS Azure Foundations v3.0.0 | CIS Azure Foundations 3.0 defines benchmark controls to improve cloud security in Microsoft Azure. The standard aligns with industry best practices for risk reduction and secure configurations. |
add Initiative
|
2025-06-25 17:22:28 |
| Regulatory Compliance | e0782c37-30da-4a78-9f92-50bfe7aa2553 | K ISMS P 2018 | K-ISMS-P establishes requirements for protecting personal data and securing information systems in South Korea. The framework establishes administrative, physical, and technical controls for data privacy and system security. |
add Initiative
|
2025-06-25 17:22:28 |
| Regulatory Compliance | f9c0485f-da8e-43b5-961e-58ebd54b907c | DORA 2022 2554 | DORA establishes resilience standards for digital operations in the European Union (EU) financial sector. The regulation governs information and communication technology (ICT) risk, incident response, and third-party oversight. |
add Initiative
|
2025-06-25 17:22:28 |
| Regulatory Compliance | 046796ef-e8a7-4398-bbe9-cce970b1a3ae | CIS Controls v8.1 | Globally recognized cybersecurity best practices, offering actionable steps to protect against cyber threats. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (4)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 4fcabc2a-30b2-4ba5-9fbb-b1a4e08fb721 | FBI Criminal Justice Information Services (CJIS) v5.9.5 | Standards by the FBI to secure criminal justice information, covering data access, transmission, and storage. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.14.0 > 11.15.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 60205a79-6280-4e20-a147-e2011e09dc78 | NIST SP 800-53 R5.1.1 | Comprehensive security and privacy controls framework for U.S. federal information systems and organizations. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 184a0e05-7b06-4a68-bbbe-13b8353bc613 | NIST CSF v2.0 | Risk-based approach to managing cybersecurity threats, offering guidance for improving cybersecurity practices. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 42346945-b531-41d8-9e46-f95057672e88 | EU 2022/2555 (NIS2) 2022 | Enhances cybersecurity across the EU with security measures and incident reporting for critical sectors. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | a4087154-2edb-4329-b56a-1cc986807f3c | Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 | Focuses on protecting Controlled Unclassified Information (CUI) in defense contracting with advanced security controls. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | a06d5deb-24aa-4991-9d58-fa7563154e31 | PCI DSS v4.0.1 | Payment Card Industry Data Security Standard, focusing on protecting credit card transaction data. |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 4476df0a-18ab-4bfe-b6ad-cccae1cf320f | NZISM v3.7 | New Zealand's Information Security Manual, providing security guidance for government agencies. |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 53ad89f5-8542-49e9-ba81-1cbd686e0d52 | SOC 2023 | Service Organization Control reports that ensure organizations manage sensitive data securely and comply with trust service criteria. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | e0d47b75-5d99-442a-9d60-07f2595ab095 | HITRUST CSF v11.3 | A comprehensive security and privacy framework for managing compliance in industries like healthcare and finance. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 8791506a-dec4-497a-a83f-3abfde37c400 | CSA CSA Cloud Controls Matrix v4.0.12 | Cybersecurity framework by the Cloud Security Alliance (CSA), offering security controls specifically for cloud environments. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | f8f5293d-df94-484a-a3e7-6b422a999d91 | Canada Federal PBMM 3-1-2020 | Security standards for Canadian federal systems, ensuring the confidentiality, integrity, and availability of sensitive information. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 7499005e-df5a-45d9-810f-041cf346678c | SWIFT Customer Security Controls Framework 2024 | Ensures secure transactions for organizations using SWIFT, the global financial messaging service. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Minor (8.7.0 > 8.8.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 1d5dbdd5-6f93-43ce-a939-b19df3753cf7 | FFIEC CAT 2017 | Assessment tool for financial institutions to measure cybersecurity preparedness, from the FFIEC. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 38916c43-6876-4971-a4b1-806aa7e55ccc | NIST 800-171 R3 | Guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Minor (8.7.0 > 8.8.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Minor, suffix remains equal (9.7.0-deprecated > 9.8.0-deprecated)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | e3030e83-88d5-4f23-8734-6577a2c97a32 | ISO/IEC 27002 2022 | Provides specific guidance on implementing controls for information security, complementing ISO 27001. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 6d220abf-cf6f-4b17-8f7e-0644c4cc84b4 | NCSC Cyber Assurance Framework (CAF) v3.2 | UK framework providing cybersecurity guidance for critical national infrastructure to protect systems and data. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 7326812a-86a4-40c8-af7c-8945de9c4913 | EU General Data Protection Regulation (GDPR) 2016/679 | Comprehensive data protection law regulating personal data processing within the EU. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (3)
|
2025-06-09 17:23:47 |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Legacy - Enable Azure Monitor for VMs | Legacy - Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) |
change Version: Minor (2.0.1 > 2.1.0)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.14.0-preview > 4.15.0-preview)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Minor (8.7.0 > 8.8.0)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.15.0-preview > 2.16.0-preview)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.11.0 > 2.12.0)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.18.0-preview > 2.19.0-preview)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.6.1 > 1.7.0)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.11.0 > 1.12.0)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Monitoring | 75714362-cae7-409e-9b99-a8e5075b7fad | Legacy - Enable Azure Monitor for Virtual Machine Scale Sets | Legacy - Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA). Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances. |
change Version: Minor (1.0.2 > 1.1.0)
remove Policy (2)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee | NL BIO Cloud Theme V2 | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (2.3.0 > 2.4.0)
remove Policy (2)
|
2025-06-09 17:23:47 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
change Version: Minor (4.2.0 > 4.3.0)
remove Policy (1)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.8.0-preview > 8.9.0-preview)
remove Policy (1)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.18.0 > 15.19.0)
remove Policy (1)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (11.12.0-deprecated > 11.13.0-deprecated)
remove Policy (1)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | f48ecfa6-581c-43f9-8141-cd4adc72cf26 | ISO/IEC 27017 2015 | Cloud-specific extension to ISO 27001, providing security guidelines for cloud service providers and customers. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (1)
|
2025-06-09 17:23:47 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.17.0 > 9.18.0)
remove Policy (1)
|
2025-06-09 17:23:47 |
| BuiltInPolicyTest | 1bb84455-9e6e-434c-8db6-fa6d03a67e87 | Ensures resources to not have a specific tag. This is a versioning test built-in. | Denies the creation of a resource that contains the given tag. Does not apply to resource groups. |
change Category (1)
change DisplayName
change Version: Patch (2.0.0 > 2.0.1) |
2025-06-06 17:22:54 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
add Policy (1)
change Version: Major, suffix remains equal (1.9.0-preview > 2.0.0-preview) |
2025-05-27 20:12:11 |
| Kubernetes | 4fd005fd-51be-478f-a8fb-149d48b20d48 | [Preview]: Kubernetes cluster should follow the security control recommendations of Center for Internet Security (CIS) Kubernetes benchmark | This initiative includes the policies for the security recommendation for Center for Internet Security (CIS) Kubernetes benchmark, you can use this initiative to stay compliant with CIS Kubernetes benchmark. For more information of CIS compliance, visit: https://aka.ms/aks/cis-kubernetes |
add Initiative
|
2025-05-27 20:12:11 |
| ChangeTrackingAndInventory | c4a70814-96be-461c-889f-2b27429120dc | Enable ChangeTracking and Inventory for virtual machine scale sets | Enable ChangeTracking and Inventory for virtual machine scale sets. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations and user-assigned identity for Azure Monitor Agent. |
change DisplayName
change Version: Patch, old suffix: preview (1.1.0-preview > 1.1.1) |
2025-05-21 17:56:14 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.50.0 > 57.51.0) |
2025-05-21 17:56:14 |
| Regulatory Compliance | 8791506a-dec4-497a-a83f-3abfde37c400 | CSA CSA Cloud Controls Matrix v4.0.12 | Cybersecurity framework by the Cloud Security Alliance (CSA), offering security controls specifically for cloud environments. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 7499005e-df5a-45d9-810f-041cf346678c | SWIFT Customer Security Controls Framework 2024 | Ensures secure transactions for organizations using SWIFT, the global financial messaging service. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 7326812a-86a4-40c8-af7c-8945de9c4913 | EU General Data Protection Regulation (GDPR) 2016/679 | Comprehensive data protection law regulating personal data processing within the EU. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 1d5dbdd5-6f93-43ce-a939-b19df3753cf7 | FFIEC CAT 2017 | Assessment tool for financial institutions to measure cybersecurity preparedness, from the FFIEC. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.14.0-preview > 2.15.0-preview)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Minor, suffix remains equal (9.6.0-deprecated > 9.7.0-deprecated)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | f8f5293d-df94-484a-a3e7-6b422a999d91 | Canada Federal PBMM 3-1-2020 | Security standards for Canadian federal systems, ensuring the confidentiality, integrity, and availability of sensitive information. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Version: Minor, suffix remains equal (4.5.0-preview > 4.6.0-preview)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | e3030e83-88d5-4f23-8734-6577a2c97a32 | ISO/IEC 27002 2022 | Provides specific guidance on implementing controls for information security, complementing ISO 27001. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 6d220abf-cf6f-4b17-8f7e-0644c4cc84b4 | NCSC Cyber Assurance Framework (CAF) v3.2 | UK framework providing cybersecurity guidance for critical national infrastructure to protect systems and data. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.16.0 > 9.17.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | f48ecfa6-581c-43f9-8141-cd4adc72cf26 | ISO/IEC 27017 2015 | Cloud-specific extension to ISO 27001, providing security guidelines for cloud service providers and customers. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 38916c43-6876-4971-a4b1-806aa7e55ccc | NIST 800-171 R3 | Guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | e0d47b75-5d99-442a-9d60-07f2595ab095 | HITRUST CSF v11.3 | A comprehensive security and privacy framework for managing compliance in industries like healthcare and finance. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | a06d5deb-24aa-4991-9d58-fa7563154e31 | PCI DSS v4.0.1 | Payment Card Industry Data Security Standard, focusing on protecting credit card transaction data. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 4476df0a-18ab-4bfe-b6ad-cccae1cf320f | NZISM v3.7 | New Zealand's Information Security Manual, providing security guidance for government agencies. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.13.0 > 11.14.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 53ad89f5-8542-49e9-ba81-1cbd686e0d52 | SOC 2023 | Service Organization Control reports that ensure organizations manage sensitive data securely and comply with trust service criteria. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Version: Minor, suffix remains equal (14.7.0-deprecated > 14.8.0-deprecated)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.17.0-preview > 2.18.0-preview)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.10.0 > 2.11.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 184a0e05-7b06-4a68-bbbe-13b8353bc613 | NIST CSF v2.0 | Risk-based approach to managing cybersecurity threats, offering guidance for improving cybersecurity practices. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.13.0-preview > 4.14.0-preview)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | a4087154-2edb-4329-b56a-1cc986807f3c | Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 | Focuses on protecting Controlled Unclassified Information (CUI) in defense contracting with advanced security controls. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 5e4ff661-23bf-42fa-8e3a-309a55091cc7 | ISO/IEC 27001 2022 | International standard for managing information security via an Information Security Management System (ISMS). |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 60205a79-6280-4e20-a147-e2011e09dc78 | NIST SP 800-53 R5.1.1 | Comprehensive security and privacy controls framework for U.S. federal information systems and organizations. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.9.0 > 14.10.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 42346945-b531-41d8-9e46-f95057672e88 | EU 2022/2555 (NIS2) 2022 | Enhances cybersecurity across the EU with security measures and incident reporting for critical sectors. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 046796ef-e8a7-4398-bbe9-cce970b1a3ae | CIS Controls v8.1 | Globally recognized cybersecurity best practices, offering actionable steps to protect against cyber threats. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.17.0 > 15.18.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 4fcabc2a-30b2-4ba5-9fbb-b1a4e08fb721 | FBI Criminal Justice Information Services (CJIS) v5.9.5 | Standards by the FBI to secure criminal justice information, covering data access, transmission, and storage. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2025-05-09 17:29:42 |
| Regulatory Compliance | 1d5dbdd5-6f93-43ce-a939-b19df3753cf7 | FFIEC CAT 2017 | Assessment tool for financial institutions to measure cybersecurity preparedness, from the FFIEC. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.49.0 > 57.50.0) |
2025-04-24 19:52:16 |
| Regulatory Compliance | 7326812a-86a4-40c8-af7c-8945de9c4913 | EU General Data Protection Regulation (GDPR) 2016/679 | Comprehensive data protection law regulating personal data processing within the EU. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | 42346945-b531-41d8-9e46-f95057672e88 | EU 2022/2555 (NIS2) 2022 | Enhances cybersecurity across the EU with security measures and incident reporting for critical sectors. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | 184a0e05-7b06-4a68-bbbe-13b8353bc613 | NIST CSF v2.0 | Risk-based approach to managing cybersecurity threats, offering guidance for improving cybersecurity practices. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | 4fcabc2a-30b2-4ba5-9fbb-b1a4e08fb721 | FBI Criminal Justice Information Services (CJIS) v5.9.5 | Standards by the FBI to secure criminal justice information, covering data access, transmission, and storage. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | 8791506a-dec4-497a-a83f-3abfde37c400 | CSA CSA Cloud Controls Matrix v4.0.12 | Cybersecurity framework by the Cloud Security Alliance (CSA), offering security controls specifically for cloud environments. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | 046796ef-e8a7-4398-bbe9-cce970b1a3ae | CIS Controls v8.1 | Globally recognized cybersecurity best practices, offering actionable steps to protect against cyber threats. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | f8f5293d-df94-484a-a3e7-6b422a999d91 | Canada Federal PBMM 3-1-2020 | Security standards for Canadian federal systems, ensuring the confidentiality, integrity, and availability of sensitive information. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | f48ecfa6-581c-43f9-8141-cd4adc72cf26 | ISO/IEC 27017 2015 | Cloud-specific extension to ISO 27001, providing security guidelines for cloud service providers and customers. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Security Center | f08c57cd-dbd6-49a4-a85e-9ae77ac959b0 | Configure Microsoft Defender for Cloud plans | Microsoft Defender for Cloud provides comprehensive, cloud-native protections from development to runtime in multi-cloud environments. Use the policy initiative to configure Defender for Cloud plans and extensions to be enabled on selected scope(s). |
add Policy (1)
change Version: Minor (1.0.0 > 1.1.0) |
2025-04-24 19:52:16 |
| Regulatory Compliance | a4087154-2edb-4329-b56a-1cc986807f3c | Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 | Focuses on protecting Controlled Unclassified Information (CUI) in defense contracting with advanced security controls. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | e3030e83-88d5-4f23-8734-6577a2c97a32 | ISO/IEC 27002 2022 | Provides specific guidance on implementing controls for information security, complementing ISO 27001. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | e0d47b75-5d99-442a-9d60-07f2595ab095 | HITRUST CSF v11.3 | A comprehensive security and privacy framework for managing compliance in industries like healthcare and finance. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-04-24 19:52:16 |
| Regulatory Compliance | 4476df0a-18ab-4bfe-b6ad-cccae1cf320f | NZISM v3.7 | New Zealand's Information Security Manual, providing security guidance for government agencies. |
change Version: Minor (1.1.0 > 1.2.0) |
2025-04-24 19:52:16 |
| Regulatory Compliance | c1cbff38-87c0-4b9f-9f70-035c7a3b5523 | Sovereignty Baseline - Global Policies | The Microsoft Cloud for Sovereignty recommends global policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
change Version: Minor (1.1.1 > 1.2.0) |
2025-04-24 19:52:16 |
| Regulatory Compliance | a06d5deb-24aa-4991-9d58-fa7563154e31 | PCI DSS v4.0.1 | Payment Card Industry Data Security Standard, focusing on protecting credit card transaction data. |
change Version: Minor (1.1.0 > 1.2.0) |
2025-04-24 19:52:16 |
| Regulatory Compliance | 03de05a4-c324-4ccd-882f-a814ea8ab9ea | Sovereignty Baseline - Confidential Policies | The Microsoft Cloud for Sovereignty recommends confidential policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions, denying resources that are not backed by Azure Confidential Computing, and denying data storage resources that are not using Customer-Managed Keys. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
change Version: Minor (1.1.1 > 1.2.0) |
2025-04-24 19:52:16 |
| Regulatory Compliance | d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee | NL BIO Cloud Theme V2 | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
add Policy (34)
change Version: Minor (2.2.0 > 2.3.0) |
2025-04-09 19:19:09 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Patch (1.6.0 > 1.6.1) |
2025-03-26 20:41:06 |
| Security Center | c1529623-9fc2-45bc-b84b-b14cd0b7484e | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender extension | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). |
add Initiative
|
2025-03-20 19:17:45 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Minor (9.6.0 > 9.7.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.16.0-preview > 2.17.0-preview)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Minor (8.6.0 > 8.7.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Version: Minor (6.5.0 > 6.6.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
change Version: Minor (1.6.0 > 1.7.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.16.0 > 15.17.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.48.0 > 57.49.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 4476df0a-18ab-4bfe-b6ad-cccae1cf320f | NZISM v3.7 | New Zealand's Information Security Manual, providing security guidance for government agencies. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.16.0 > 14.17.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.7.0-preview > 8.8.0-preview)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.16.0 > 17.17.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.17.0-preview > 1.18.0-preview)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (11.11.0-deprecated > 11.12.0-deprecated)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.16.0 > 17.17.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 38916c43-6876-4971-a4b1-806aa7e55ccc | NIST 800-171 R3 | Guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Version: Minor, suffix remains equal (14.6.0-deprecated > 14.7.0-deprecated)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Minor, suffix remains equal (6.5.0-preview > 6.6.0-preview)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.17.0 > 17.18.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.9.0 > 2.10.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Version: Minor (16.9.0 > 16.10.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (2.14.0-deprecated > 2.15.0-deprecated)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 7499005e-df5a-45d9-810f-041cf346678c | SWIFT Customer Security Controls Framework 2024 | Ensures secure transactions for organizations using SWIFT, the global financial messaging service. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.15.0 > 9.16.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 6d220abf-cf6f-4b17-8f7e-0644c4cc84b4 | NCSC Cyber Assurance Framework (CAF) v3.2 | UK framework providing cybersecurity guidance for critical national infrastructure to protect systems and data. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.7.0 > 1.8.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | a06d5deb-24aa-4991-9d58-fa7563154e31 | PCI DSS v4.0.1 | Payment Card Industry Data Security Standard, focusing on protecting credit card transaction data. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.10.0 > 1.11.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.8.0 > 14.9.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Minor, suffix remains equal (9.5.0-deprecated > 9.6.0-deprecated)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 60205a79-6280-4e20-a147-e2011e09dc78 | NIST SP 800-53 R5.1.1 | Comprehensive security and privacy controls framework for U.S. federal information systems and organizations. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Minor (8.6.0 > 8.7.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.12.0-preview > 4.13.0-preview)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.13.0-preview > 2.14.0-preview)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 53ad89f5-8542-49e9-ba81-1cbd686e0d52 | SOC 2023 | Service Organization Control reports that ensure organizations manage sensitive data securely and comply with trust service criteria. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.12.0 > 11.13.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Minor, suffix remains equal (11.10.0-deprecated > 11.11.0-deprecated)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Minor (8.6.0 > 8.7.0)
remove Policy (1)
|
2025-03-12 18:29:00 |
| Regulatory Compliance | c1cbff38-87c0-4b9f-9f70-035c7a3b5523 | Sovereignty Baseline - Global Policies | The Microsoft Cloud for Sovereignty recommends global policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
change DisplayName
change Version: Patch, old suffix: preview (1.1.0-preview > 1.1.1) |
2025-03-06 18:27:48 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.5.0 > 1.6.0)
remove Policy (2)
|
2025-02-27 18:38:20 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.11.0 > 11.12.0)
remove Policy (1)
|
2025-02-27 18:38:20 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.14.0 > 9.15.0)
remove Policy (1)
|
2025-02-27 18:38:20 |
| Regulatory Compliance | 03de05a4-c324-4ccd-882f-a814ea8ab9ea | Sovereignty Baseline - Confidential Policies | The Microsoft Cloud for Sovereignty recommends confidential policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions, denying resources that are not backed by Azure Confidential Computing, and denying data storage resources that are not using Customer-Managed Keys. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
change Version: Patch (1.1.0 > 1.1.1) |
2025-02-27 18:38:20 |
| Regulatory Compliance | 03de05a4-c324-4ccd-882f-a814ea8ab9ea | Sovereignty Baseline - Confidential Policies | The Microsoft Cloud for Sovereignty recommends confidential policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions, denying resources that are not backed by Azure Confidential Computing, and denying data storage resources that are not using Customer-Managed Keys. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
add Policy (2)
change DisplayName
change Version: Minor, old suffix: preview (1.0.1-preview > 1.1.0) |
2025-02-10 19:35:56 |
| Regulatory Compliance | 8791506a-dec4-497a-a83f-3abfde37c400 | CSA CSA Cloud Controls Matrix v4.0.12 | Cybersecurity framework by the Cloud Security Alliance (CSA), offering security controls specifically for cloud environments. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | f48ecfa6-581c-43f9-8141-cd4adc72cf26 | ISO/IEC 27017 2015 | Cloud-specific extension to ISO 27001, providing security guidelines for cloud service providers and customers. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 1d5dbdd5-6f93-43ce-a939-b19df3753cf7 | FFIEC CAT 2017 | Assessment tool for financial institutions to measure cybersecurity preparedness, from the FFIEC. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | f8f5293d-df94-484a-a3e7-6b422a999d91 | Canada Federal PBMM 3-1-2020 | Security standards for Canadian federal systems, ensuring the confidentiality, integrity, and availability of sensitive information. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | e0d47b75-5d99-442a-9d60-07f2595ab095 | HITRUST CSF v11.3 | A comprehensive security and privacy framework for managing compliance in industries like healthcare and finance. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 7326812a-86a4-40c8-af7c-8945de9c4913 | EU General Data Protection Regulation (GDPR) 2016/679 | Comprehensive data protection law regulating personal data processing within the EU. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | e3030e83-88d5-4f23-8734-6577a2c97a32 | ISO/IEC 27002 2022 | Provides specific guidance on implementing controls for information security, complementing ISO 27001. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 42346945-b531-41d8-9e46-f95057672e88 | EU 2022/2555 (NIS2) 2022 | Enhances cybersecurity across the EU with security measures and incident reporting for critical sectors. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | a4087154-2edb-4329-b56a-1cc986807f3c | Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 | Focuses on protecting Controlled Unclassified Information (CUI) in defense contracting with advanced security controls. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 5e4ff661-23bf-42fa-8e3a-309a55091cc7 | ISO/IEC 27001 2022 | International standard for managing information security via an Information Security Management System (ISMS). |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | b2f588d7-1ed5-47c7-977d-b93dff520c4c | Cyber Essentials v3.1 | UK certification scheme to protect against common cyber threats through basic security controls. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 770977b7-fceb-4c16-9d09-b7484fb8eef2 | Brazilian General Data Protection Law (LGPD) 2018 | Brazil's comprehensive data protection law, regulating the processing of personal data. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | f03d9540-4405-4365-8272-318999d1b37a | APRA CPS 234 2019 | Australian Prudential Regulation Authority (APRA) standard for managing information security risks in regulated entities. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 4fcabc2a-30b2-4ba5-9fbb-b1a4e08fb721 | FBI Criminal Justice Information Services (CJIS) v5.9.5 | Standards by the FBI to secure criminal justice information, covering data access, transmission, and storage. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | fe7782e4-6ff3-4e39-8d8a-64b6f7b82c85 | CIS Azure Foundations v2.1.0 | Security guidance for Microsoft Azure, providing best practices to enhance security posture. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 184a0e05-7b06-4a68-bbbe-13b8353bc613 | NIST CSF v2.0 | Risk-based approach to managing cybersecurity threats, offering guidance for improving cybersecurity practices. |
add Initiative
|
2025-01-30 19:27:00 |
| Regulatory Compliance | 046796ef-e8a7-4398-bbe9-cce970b1a3ae | CIS Controls v8.1 | Globally recognized cybersecurity best practices, offering actionable steps to protect against cyber threats. |
add Initiative
|
2025-01-30 19:27:00 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.45.0 > 57.48.0)
remove Policy (4)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.15.0 > 14.16.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.10.0 > 11.11.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.15.0 > 17.16.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.9.0 > 1.10.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.6.0-preview > 8.7.0-preview)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.15.0-preview > 2.16.0-preview)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.16.0-preview > 1.17.0-preview)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.6.0 > 1.7.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.7.0 > 14.8.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Minor (8.5.0 > 8.6.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.15.0 > 17.16.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.15.0 > 15.16.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.16.0 > 17.17.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.13.0 > 9.14.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.8.0 > 2.9.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.12.0 > 8.13.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Minor (8.5.0 > 8.6.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.10.0 > 1.11.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Minor (1.11.0 > 1.12.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Version: Minor (16.8.0 > 16.9.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.4.0 > 1.5.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Minor (9.5.0 > 9.6.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Minor, suffix remains equal (6.4.0-preview > 6.5.0-preview)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee | NL BIO Cloud Theme V2 | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (2.1.0 > 2.2.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.12.0-preview > 2.13.0-preview)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.11.0-preview > 4.12.0-preview)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 06f19060-9e68-4070-92ca-f15cc126059e | CIS Microsoft Azure Foundations Benchmark v2.0.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v2.0.0 controls. For more information, visit https://aka.ms/cisazure200-initiative |
change Version: Minor (1.4.0 > 1.5.0)
remove Policy (3)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Minor (8.5.0 > 8.6.0)
remove Policy (2)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
change Version: Minor (1.5.0 > 1.6.0)
remove Policy (2)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Version: Minor (6.4.0 > 6.5.0)
remove Policy (2)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Version: Minor, suffix remains equal (4.4.0-preview > 4.5.0-preview)
remove Policy (1)
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 6d220abf-cf6f-4b17-8f7e-0644c4cc84b4 | NCSC Cyber Assurance Framework (CAF) v3.2 | UK framework providing cybersecurity guidance for critical national infrastructure to protect systems and data. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 4476df0a-18ab-4bfe-b6ad-cccae1cf320f | NZISM v3.7 | New Zealand's Information Security Manual, providing security guidance for government agencies. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 53ad89f5-8542-49e9-ba81-1cbd686e0d52 | SOC 2023 | Service Organization Control reports that ensure organizations manage sensitive data securely and comply with trust service criteria. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | a06d5deb-24aa-4991-9d58-fa7563154e31 | PCI DSS v4.0.1 | Payment Card Industry Data Security Standard, focusing on protecting credit card transaction data. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 32ff9e30-4725-4ca7-ba3a-904a7721ee87 | [Preview]: NIS2 | The NIS2 Directive enhances the cybersecurity and resilience of critical infrastructure and digital services across the European Union, ensuring a higher level of protection against cyber threats. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 5757cf73-35d1-46d4-8c78-17b7ddd6076a | Sarbanes Oxley Act 2022 | U.S. federal law aimed at improving corporate transparency and accountability, including provisions for cybersecurity and IT controls. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 38916c43-6876-4971-a4b1-806aa7e55ccc | NIST 800-171 R3 | Guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 60205a79-6280-4e20-a147-e2011e09dc78 | NIST SP 800-53 R5.1.1 | Comprehensive security and privacy controls framework for U.S. federal information systems and organizations. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 7499005e-df5a-45d9-810f-041cf346678c | SWIFT Customer Security Controls Framework 2024 | Ensures secure transactions for organizations using SWIFT, the global financial messaging service. |
add Initiative
|
2025-01-28 19:35:17 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.5.0 > 1.6.0)
remove Policy (4)
|
2025-01-23 19:27:52 |
| Regulatory Compliance | d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee | NL BIO Cloud Theme V2 | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (2.0.0 > 2.1.0)
remove Policy (2)
|
2025-01-23 19:27:52 |
| ChangeTrackingAndInventory | 53448c70-089b-4f52-8f38-89196d7f2de1 | Enable ChangeTracking and Inventory for Arc-enabled virtual machines | Enable ChangeTracking and Inventory for Arc-enabled virtual machines. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations. |
change DisplayName
change Version: Minor, old suffix: preview (1.0.0-preview > 1.1.0) |
2025-01-23 19:27:52 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.11.0 > 8.12.0)
remove Policy (1)
|
2025-01-23 19:27:52 |
| ChangeTrackingAndInventory | 92a36f05-ebc9-4bba-9128-b47ad2ea3354 | Enable ChangeTracking and Inventory for virtual machines | Enable ChangeTracking and Inventory for virtual machines. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations and user-assigned identity for Azure Monitor Agent. |
change DisplayName
change Version: Minor, old suffix: preview (1.1.0-preview > 1.2.0) |
2025-01-23 19:27:52 |
| Regulatory Compliance | d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee | NL BIO Cloud Theme V2 | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
add Initiative
|
2024-11-01 18:49:42 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
add Policy (1)
change Version: Minor, suffix remains equal (1.8.0-preview > 1.9.0-preview) |
2024-10-30 18:57:58 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
add Policy (4)
change Description
change Version: Minor (1.4.0 > 1.5.0)
remove Policy (1)
|
2024-10-18 17:51:45 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.6.0 > 2.8.0)
remove Policy (3)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.9.0-preview > 4.11.0-preview)
remove Policy (3)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.11.0 > 9.13.0)
remove Policy (3)
|
2024-10-15 17:53:51 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.44.0 > 57.45.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Minor, suffix remains equal (6.3.0-preview > 6.4.0-preview)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Minor (9.4.0 > 9.5.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Version: Minor, suffix remains equal (14.5.0-deprecated > 14.6.0-deprecated)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.9.0 > 11.10.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.5.0-preview > 8.6.0-preview)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.6.0 > 14.7.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Minor (8.4.0 > 8.5.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.14.0 > 17.15.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.15.0-preview > 1.16.0-preview)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.14.0 > 15.15.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.14.0-preview > 2.15.0-preview)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.14.0 > 14.15.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (11.10.0-deprecated > 11.11.0-deprecated)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Minor, suffix remains equal (9.4.0-deprecated > 9.5.0-deprecated)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.14.0 > 17.15.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.11.0-preview > 2.12.0-preview)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.15.0 > 17.16.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (2.13.0-deprecated > 2.14.0-deprecated)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.8.0 > 1.9.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Minor (8.4.0 > 8.5.0)
remove Policy (2)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Policy (1)
change Version: Minor (8.10.0 > 8.11.0)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Version: Minor, suffix remains equal (4.3.0-preview > 4.4.0-preview)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Minor (8.4.0 > 8.5.0)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Version: Minor (6.3.0 > 6.4.0)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Minor, suffix remains equal (11.9.0-deprecated > 11.10.0-deprecated)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
change Version: Minor (1.4.0 > 1.5.0)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Minor (1.10.0 > 1.11.0)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Version: Minor (16.7.0 > 16.8.0)
remove Policy (1)
|
2024-10-15 17:53:51 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Minor, suffix remains equal (1.7.0-preview > 1.8.0-preview) |
2024-10-15 17:53:51 |
| Nexus | 336cb876-5cb8-4795-b9d1-bd9323d3487e | [Preview]: Nexus Compute Cluster Security Baseline | This initiative includes policies designed to reflect the security baseline expectations of Nexus Compute Clusters. It ensures that the cluster configurations adhere to specific security controls that are critical for maintaining a secure environment. |
add Initiative
|
2024-09-26 17:50:01 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.9.0 > 8.10.0)
remove Policy (1)
|
2024-09-23 17:50:57 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.9.0 > 1.10.0)
remove Policy (1)
|
2024-09-23 17:50:57 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.2.1 > 1.3.0)
remove Policy (1)
|
2024-09-23 17:50:57 |
| BuiltInPolicyTest | 1bb84455-9e6e-434c-8db6-fa6d03a67e87 | Ensures resources to not have a specific tag. This is a versioning test built-in. | Denies the creation of a resource that contains the given tag. Does not apply to resource groups. |
change DisplayName
|
2024-09-23 17:50:57 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change DisplayName
change Version: Patch, old suffix: preview (1.2.0-preview > 1.2.1) |
2024-09-13 17:47:48 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.13.0 > 17.14.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.13.0 > 17.14.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.5.0 > 2.6.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.13.0 > 14.14.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.43.0 > 57.44.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.13.0 > 15.14.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor, suffix remains equal (1.1.0-preview > 1.2.0-preview)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.13.0-preview > 2.14.0-preview)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (2.12.0-deprecated > 2.13.0-deprecated)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.14.0 > 17.15.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.10.0 > 9.11.0)
remove Policy (6)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.5.0 > 14.6.0)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (11.9.0-deprecated > 11.10.0-deprecated)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.8.0-preview > 4.9.0-preview)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.10.0-preview > 2.11.0-preview)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.8.0 > 11.9.0)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Version: Minor, suffix remains equal (14.4.0-deprecated > 14.5.0-deprecated)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Minor, suffix remains equal (11.8.0-deprecated > 11.9.0-deprecated)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.14.0-preview > 1.15.0-preview)
remove Policy (5)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Minor, suffix remains equal (9.3.0-deprecated > 9.4.0-deprecated)
remove Policy (4)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.4.0-preview > 8.5.0-preview)
remove Policy (4)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Minor (8.3.0 > 8.4.0)
remove Policy (3)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Version: Minor (16.6.0 > 16.7.0)
remove Policy (3)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Minor, suffix remains equal (6.2.0-preview > 6.3.0-preview)
remove Policy (3)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.8.0 > 1.9.0)
remove Policy (3)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Minor (8.3.0 > 8.4.0)
remove Policy (3)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Minor (9.3.0 > 9.4.0)
remove Policy (3)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.7.0 > 1.8.0)
remove Policy (2)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (1)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Version: Minor, suffix remains equal (4.2.0-preview > 4.3.0-preview)
remove Policy (1)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Minor (1.9.0 > 1.10.0)
remove Policy (1)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.8.0 > 8.9.0)
remove Policy (1)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 06f19060-9e68-4070-92ca-f15cc126059e | CIS Microsoft Azure Foundations Benchmark v2.0.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v2.0.0 controls. For more information, visit https://aka.ms/cisazure200-initiative |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (1)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Minor (8.3.0 > 8.4.0)
remove Policy (1)
|
2024-09-05 17:48:45 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (5)
|
2024-08-29 17:47:54 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.42.0 > 57.43.0)
remove Policy (4)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.13.0-preview > 1.14.0-preview)
remove Policy (4)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.7.0 > 1.8.0)
remove Policy (3)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
remove Policy (3)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Minor (9.2.0 > 9.3.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.4.0 > 2.5.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (11.8.0-deprecated > 11.9.0-deprecated)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.4.0 > 14.5.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Minor (8.2.0 > 8.3.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Version: Minor, suffix remains equal (14.3.0-deprecated > 14.4.0-deprecated)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (2.11.0-deprecated > 2.12.0-deprecated)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.7.0 > 11.8.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.12.0 > 17.13.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.12.0 > 17.13.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.7.0-preview > 4.8.0-preview)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.9.0 > 9.10.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.6.0 > 1.7.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Minor (8.2.0 > 8.3.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.12.0-preview > 2.13.0-preview)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Minor, suffix remains equal (6.1.0-preview > 6.2.0-preview)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.12.0 > 15.13.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.12.0 > 14.13.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.13.0 > 17.14.0)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.3.0-preview > 8.4.0-preview)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Minor, suffix remains equal (9.2.0-deprecated > 9.3.0-deprecated)
remove Policy (2)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 06f19060-9e68-4070-92ca-f15cc126059e | CIS Microsoft Azure Foundations Benchmark v2.0.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v2.0.0 controls. For more information, visit https://aka.ms/cisazure200-initiative |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (1)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Version: Minor (6.2.0 > 6.3.0)
remove Policy (1)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Version: Minor (16.5.0 > 16.6.0)
remove Policy (1)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Minor (1.8.0 > 1.9.0)
remove Policy (1)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Minor (8.2.0 > 8.3.0)
remove Policy (1)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (1)
|
2024-08-29 17:47:54 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Minor, suffix remains equal (11.7.0-deprecated > 11.8.0-deprecated) |
2024-08-29 17:47:54 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.7.0 > 8.8.0) |
2024-08-29 17:47:54 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
add Policy (1)
change Version: Minor (1.2.0 > 1.3.0) |
2024-08-23 18:18:18 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (2)
change Version: Minor (57.41.0 > 57.42.0) |
2024-08-08 18:19:51 |
| Regulatory Compliance | c1cbff38-87c0-4b9f-9f70-035c7a3b5523 | Sovereignty Baseline - Global Policies | The Microsoft Cloud for Sovereignty recommends global policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
add Policy (2)
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview) |
2024-08-08 18:19:51 |
| Regulatory Compliance | 03de05a4-c324-4ccd-882f-a814ea8ab9ea | Sovereignty Baseline - Confidential Policies | The Microsoft Cloud for Sovereignty recommends confidential policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions, denying resources that are not backed by Azure Confidential Computing, and denying data storage resources that are not using Customer-Managed Keys. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
change Version: Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview) |
2024-08-08 18:19:51 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.40.0 > 57.41.0) |
2024-08-01 18:19:47 |
| Regulatory Compliance | 4f5b1359-4f8e-4d7c-9733-ea47fcde891e | New Zealand ISM | NZISM v3.8. The New Zealand Information Security Manual (NZISM) details processes and controls essential for the protection of all New Zealand Government information and systems. This initiative includes policies that address a subset of NZISM controls. Additional policies will be added in upcoming releases. For full details on controls, please refer to https://www.nzism.gcsb.govt.nz/ism-document. This policy set includes definitions that have a Deny effect by default. |
add Initiative
|
2024-08-01 18:19:47 |
| Monitoring | f5bf694c-cca7-4033-b883-3a23327d5485 | Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines scale set (VMSS) with AMA. |
change Version: Minor (1.1.0 > 1.2.0) |
2024-08-01 18:19:47 |
| Monitoring | 924bfe3a-762f-40e7-86dd-5c8b95eb09e6 | Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines (VMs) with AMA. |
change Version: Minor (1.1.0 > 1.2.0) |
2024-08-01 18:19:47 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.39.0 > 57.40.0)
remove Policy (4)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.11.0 > 17.12.0)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.9.0-preview > 2.10.0-preview)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (2.10.0-deprecated > 2.11.0-deprecated)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Minor, suffix remains equal (11.6.0-deprecated > 11.7.0-deprecated)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.12.0 > 17.13.0)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.11.0 > 17.12.0)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.11.0 > 15.12.0)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.11.0 > 14.12.0)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.5.0 > 1.6.0)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.8.0 > 9.9.0)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.11.0-preview > 2.12.0-preview)
remove Policy (2)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.12.0-preview > 1.13.0-preview)
remove Policy (1)
|
2024-07-11 18:19:05 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (8)
|
2024-06-19 17:53:27 |
| Regulatory Compliance | 80307b86-ab81-45ab-bf4f-4e0b93cf3dd5 | ACAT for Microsoft 365 Certification | App Compliance Automation Tool for Microsoft 365 (ACAT) simplifies the process to achieve Microsoft 365 Certification, see https://aka.ms/acat. This certification ensures that apps have strong security and compliance practices in place to protect customer data, security, and privacy. This initiative includes policies that address a subset of the Microsoft 365 Certification controls. Additional policies will be added in upcoming releases. |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (8)
|
2024-06-19 17:53:27 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.11.0-preview > 1.12.0-preview)
remove Policy (2)
|
2024-06-19 17:53:27 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.37.0 > 57.39.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.8.0-preview > 2.9.0-preview)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 06f19060-9e68-4070-92ca-f15cc126059e | CIS Microsoft Azure Foundations Benchmark v2.0.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v2.0.0 controls. For more information, visit https://aka.ms/cisazure200-initiative |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.10.0 > 17.11.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.2.2-preview > 8.3.0-preview)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.10.0 > 14.11.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.6.0 > 11.7.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Version: Minor (6.1.0 > 6.2.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.10.0-preview > 1.11.0-preview)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Minor (8.1.0 > 8.2.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.6.0-preview > 4.7.0-preview)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.10.0-preview > 2.11.0-preview)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.4.0 > 1.5.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.10.0 > 15.11.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.3.0 > 14.4.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.11.0 > 17.12.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.6.0 > 8.7.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Minor (8.1.0 > 8.2.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.7.0 > 9.8.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Version: Minor, suffix remains equal (4.1.0-preview > 4.2.0-preview)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Version: Minor (16.4.0 > 16.5.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.3.0 > 2.4.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Minor (9.1.0 > 9.2.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Minor (1.7.0 > 1.8.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.6.0 > 1.7.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.10.0 > 17.11.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Minor (8.1.0 > 8.2.0)
remove Policy (1)
|
2024-06-06 18:16:34 |
| ChangeTrackingAndInventory | 92a36f05-ebc9-4bba-9128-b47ad2ea3354 | Enable ChangeTracking and Inventory for virtual machines | Enable ChangeTracking and Inventory for virtual machines. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations and user-assigned identity for Azure Monitor Agent. |
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview) |
2024-05-22 18:03:36 |
| Monitoring | 924bfe3a-762f-40e7-86dd-5c8b95eb09e6 | Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines (VMs) with AMA. |
change Version: Minor (1.0.0 > 1.1.0) |
2024-05-22 18:03:36 |
| ChangeTrackingAndInventory | c4a70814-96be-461c-889f-2b27429120dc | Enable ChangeTracking and Inventory for virtual machine scale sets | Enable ChangeTracking and Inventory for virtual machine scale sets. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations and user-assigned identity for Azure Monitor Agent. |
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview) |
2024-05-22 18:03:36 |
| Monitoring | f5bf694c-cca7-4033-b883-3a23327d5485 | Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines scale set (VMSS) with AMA. |
change Version: Minor (1.0.0 > 1.1.0) |
2024-05-22 18:03:36 |
| Monitoring | 8d723fb6-6680-45be-9d37-b1a4adb52207 | Enable audit category group resource logging for supported resources to storage | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to storage for all supported resources. |
add Policy (36)
change Version: Minor (1.0.0 > 1.1.0) |
2024-05-15 17:48:20 |
| Monitoring | f5b29bc4-feca-4cc6-a58a-772dd5e290a5 | Enable audit category group resource logging for supported resources to Log Analytics | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to Log Analytics for all supported resources. |
add Policy (36)
change Version: Minor (1.0.0 > 1.1.0) |
2024-05-15 17:48:20 |
| Monitoring | 1020d527-2764-4230-92cc-7035e4fcf8a7 | Enable audit category group resource logging for supported resources to Event Hub | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to Event Hub for all supported resources |
add Policy (36)
change Version: Minor (1.0.0 > 1.1.0) |
2024-05-15 17:48:20 |
| Monitoring | 0884adba-2312-4468-abeb-5422caed1038 | Enable allLogs category group resource logging for supported resources to Log Analytics | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the allLogs category group to route logs to an Event Hub for all supported resources |
add Initiative
|
2024-05-15 17:48:20 |
| Security Center | d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule and Log Analytics workspace in the same region as the machine. |
change Version: Minor (1.2.1 > 1.3.0) |
2024-05-15 17:48:20 |
| Security Center | de01d381-bae9-4670-8870-786f89f49e26 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule in the same region as the user-defined Log Analytics workspace. |
change Version: Minor (1.1.1 > 1.2.0) |
2024-05-15 17:48:20 |
| Monitoring | 85175a36-2f12-419a-96b4-18d5b0096531 | Enable allLogs category group resource logging for supported resources to Event Hub | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the allLogs category group to route logs to Event Hub for all supported resources. |
add Initiative
|
2024-05-15 17:48:20 |
| Monitoring | b6b86da9-e527-49de-ac59-6af0a9db10b8 | Enable allLogs category group resource logging for supported resources to storage | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the allLogs category group to route logs to storage for all supported resources. |
add Initiative
|
2024-05-15 17:48:20 |
| Regulatory Compliance | 175daf90-21e1-4fec-b745-7b4c909aa94c | Spain ENS | This initiative includes policies that address National Security Scheme (ENS) controls specifically for the 'CCN-STIC 884'. This policy set includes definitions that have a Deny effect by default. |
add Initiative
|
2024-05-15 17:48:20 |
| BuiltInPolicyTest | 1bb84455-9e6e-434c-8db6-fa6d03a67e87 | Ensures resources to not have a specific tag. This is a versioning test built-in. | Denies the creation of a resource that contains the given tag. Does not apply to resource groups. |
change DisplayName
|
2024-04-24 17:47:19 |
| Security Center | e77fc0b3-f7e9-4c58-bc13-cb753ed8e46e | Configure Advanced Threat Protection to be enabled on open-source relational databases | Enable Advanced Threat Protection on your non-Basic tier open-source relational databases to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. See https://aka.ms/AzDforOpenSourceDBsDocu. |
add Policy (1)
change Version: Minor (1.1.0 > 1.2.0) |
2024-04-17 17:45:34 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.36.0 > 57.37.0) |
2024-04-17 17:45:34 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Minor, suffix remains equal (1.6.0-preview > 1.7.0-preview) |
2024-04-17 17:45:34 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
add Policy (8)
change Version: Minor, suffix remains equal (1.4.1-preview > 1.6.0-preview) |
2024-04-11 17:47:35 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.9.0 > 15.10.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.9.0-preview > 1.10.0-preview)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.9.0 > 14.10.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.9.0-preview > 2.10.0-preview)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.35.0 > 57.36.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.5.0 > 11.6.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.10.0 > 17.11.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (2.9.0-deprecated > 2.10.0-deprecated)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.9.0 > 17.10.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.9.0 > 17.10.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Minor, suffix remains equal (11.5.0-deprecated > 11.6.0-deprecated)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor, suffix remains equal (11.7.0-deprecated > 11.8.0-deprecated)
remove Policy (1)
|
2024-04-11 17:47:35 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
change Version: Minor (4.1.0 > 4.2.0)
remove Policy (1)
|
2024-04-11 17:47:35 |
| Monitoring | 9575b8b7-78ab-4281-b53b-d3c1ace2260b | Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Windows virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (3.1.0 > 3.2.0) |
2024-04-03 19:06:58 |
| Monitoring | babf8e94-780b-4b4d-abaa-4830136a8725 | Deploy Linux Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Linux virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (2.2.0 > 2.3.0) |
2024-04-03 19:06:58 |
| Monitoring | 0d1b56c6-6d1f-4a5d-8695-b15efbea6b49 | Deploy Windows Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Windows virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (2.2.0 > 2.3.0) |
2024-04-03 19:06:58 |
| Monitoring | 118f04da-0375-44d1-84e3-0fd9e1849403 | Configure Linux machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Linux virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (3.1.0 > 3.2.0) |
2024-04-03 19:06:58 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
add Policy (10)
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (5)
|
2024-03-27 18:49:34 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.34.0 > 57.35.0) |
2024-03-27 18:49:34 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change DisplayName
change Version: Minor, suffix remains equal (11.6.2-deprecated > 11.7.0-deprecated)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.33.0 > 57.34.0)
remove Policy (2)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.8.0-preview > 1.9.0-preview)
remove Policy (2)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.7.0-preview > 2.8.0-preview)
remove Policy (2)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change DisplayName
change Version: Minor, suffix remains equal (2.8.1-deprecated > 2.9.0-deprecated)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Minor (1.1.1 > 1.2.0)
remove Policy (2)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.6.0 > 9.7.0)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.8.0 > 14.9.0)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.9.0 > 17.10.0)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.8.0 > 15.9.0)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.8.0 > 17.9.0)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.8.0-preview > 2.9.0-preview)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.4.0 > 11.5.0)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.8.0 > 17.9.0)
remove Policy (1)
|
2024-03-20 18:47:00 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Description
|
2024-03-13 20:05:29 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (4)
change Version: Minor (57.32.0 > 57.33.0)
remove Policy (4)
|
2024-03-06 19:15:55 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Patch, suffix remains equal (1.4.0-preview > 1.4.1-preview) |
2024-03-06 19:15:55 |
| VirtualEnclaves | ca122c06-05f6-4423-9018-ccb523168eb2 | [Preview]: Control the use of Storage Accounts in a Virtual Enclave | This initiative deploys Azure policies for Storage Accounts ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Policy (2)
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
remove Policy (2)
|
2024-03-01 17:50:54 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (1)
change Version: Minor (17.8.0 > 17.9.0)
remove Policy (1)
|
2024-03-01 17:50:54 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Patch, new suffix: deprecated (11.6.1 > 11.6.2-deprecated) |
2024-03-01 17:50:54 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Patch, new suffix: deprecated (2.8.0 > 2.8.1-deprecated) |
2024-03-01 17:50:54 |
| Resilience | 130fb88f-0fc9-4678-bfe1-31022d71c7d5 | [Preview]: Resources should be Zone Resilient | Some resource types can be deployed Zone Redundant (e.g. SQL Databases); some can be deploy Zone Aligned (e.g. Virtual Machines); and some can be deployed either Zone Aligned or Zone Redundant (e.g. Virtual Machine Scale Sets). Being zone aligned does not guarantee resilience, but it is the foundation on which a resilient solution can be built (e.g. three Virtual Machine Scale Sets zone aligned to three different zones in the same region with a load balancer). See https://aka.ms/AZResilience for more info. |
add Policy (12)
change Version: Minor, suffix remains equal (1.7.0-preview > 1.10.0-preview) |
2024-02-23 19:01:26 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Minor, suffix remains equal (1.3.3-preview > 1.4.0-preview) |
2024-02-23 19:01:26 |
| VirtualEnclaves | 0a9ea1cb-7925-47fc-b0fe-8bb0a8190423 | [Preview]: Control the use of diagnostic settings for specific resources in a Virtual Enclave | This initiative deploys Azure policies to ensure configuration of specific resource types in Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-02-23 19:01:26 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.31.0 > 57.32.0) |
2024-02-15 20:37:47 |
| Security Center | 77b391e3-2d5d-40c3-83bf-65c846b3c6a3 | Configure multiple Microsoft Defender for Endpoint integration settings with Microsoft Defender for Cloud | Configure the multiple Microsoft Defender for Endpoint integration settings with Microsoft Defender for Cloud (WDATP, WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW, WDATP_UNIFIED_SOLUTION etc.). See: https://learn.microsoft.com/azure/defender-for-cloud/integration-defender-for-endpoint for more information. |
add Initiative
|
2024-02-15 20:37:47 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.30.0 > 57.31.0) |
2024-02-05 19:34:05 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Minor (2.4.0 > 2.5.0) |
2024-02-05 19:34:05 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Patch, suffix remains equal (1.3.2-preview > 1.3.3-preview) |
2024-02-05 19:34:05 |
| Security Center | f08c57cd-dbd6-49a4-a85e-9ae77ac959b0 | Configure Microsoft Defender for Cloud plans | Microsoft Defender for Cloud provides comprehensive, cloud-native protections from development to runtime in multi-cloud environments. Use the policy initiative to configure Defender for Cloud plans and extensions to be enabled on selected scope(s). |
add Initiative
|
2024-02-05 19:34:05 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Description
change DisplayName
|
2024-01-30 18:39:39 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (7)
change Version: Minor (57.28.1 > 57.30.0) |
2024-01-29 19:36:15 |
| Synapse | 6cccc75e-6b5c-4e63-8b4a-8427bc49fe5f | Configure Synapse Workspaces to mandate Microsoft Entra-only identities for authentication | Require and configure Microsoft Entra-only authentication for Synapse Workspaces, disabling local authentication methods. This allows access exclusively via Microsoft Entra identities, enhancing security with modern authentication enhancements including MFA, SSO, and secret-less programmatic access with managed identities. |
add Initiative
|
2024-01-29 19:36:15 |
| SQL | a55e4a7e-1b9c-43ef-b4b3-642f303804d6 | Azure SQL Database should have Microsoft Entra-only authentication | Require Microsoft Entra-only authentication for Azure SQL Database, disabling local authentication methods. This allows access exclusively via Microsoft Entra identities, enhancing security with modern authentication enhancements including MFA, SSO, and secret-less programmatic access with managed identities. |
add Initiative
|
2024-01-29 19:36:15 |
| SQL | 9b8d8228-e8cc-4c95-8d98-47f32df40b5e | Azure SQL Managed Instance should have Microsoft Entra-only authentication | Require Microsoft Entra-only authentication for Azure SQL Managed instance, disabling local authentication methods. This allows access exclusively via Microsoft Entra identities, enhancing security with modern authentication enhancements including MFA, SSO, and secret-less programmatic access with managed identities. |
add Initiative
|
2024-01-29 19:36:15 |
| Synapse | 1ee51566-9bb4-49da-b8d2-3c06991963eb | Synapse Workspaces should have Microsoft Entra-only authentication | Require Microsoft Entra-only authentication for Synapse Workspaces, disabling local authentication methods. This allows access exclusively via Microsoft Entra identities, enhancing security with modern authentication enhancements including MFA, SSO, and secret-less programmatic access with managed identities. |
add Initiative
|
2024-01-29 19:36:15 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.27.0 > 57.28.1)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Minor, suffix remains equal (2.7.0-preview > 2.8.0-preview)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.7.0-preview > 1.8.0-preview)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.6.0-preview > 2.7.0-preview)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Minor (14.7.0 > 14.8.0)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor (2.7.0 > 2.8.0)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Minor (17.7.0 > 17.8.0)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Minor (15.7.0 > 15.8.0)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Minor (17.7.0 > 17.8.0)
remove Policy (1)
|
2024-01-17 19:06:27 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Minor (17.7.0 > 17.8.0)
remove Policy (1)
|
2024-01-17 19:06:27 |
| VirtualEnclaves | 528d78c5-246c-4f26-ade6-d30798705411 | [Preview]: Control the use of App Service in a Virtual Enclave | This initiative deploys Azure policies for App Service ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| VirtualEnclaves | 5eaa16b4-81f2-4354-aef3-2d77288e396e | [Preview]: Control the use of PostgreSql in a Virtual Enclave | This initiative deploys Azure policies for PostgreSql ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| VirtualEnclaves | ca122c06-05f6-4423-9018-ccb523168eb2 | [Preview]: Control the use of Storage Accounts in a Virtual Enclave | This initiative deploys Azure policies for Storage Accounts ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| VirtualEnclaves | 0fbe78a5-1722-4f1b-83a5-89c14151fa60 | [Preview]: Control the use of Microsoft SQL in a Virtual Enclave | This initiative deploys Azure policies for Microsoft SQL ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Patch, suffix remains equal (8.2.1-preview > 8.2.2-preview) |
2024-01-17 19:06:27 |
| VirtualEnclaves | 6bd484ca-ae8d-46cf-9b33-e1feef84bfba | [Preview]: Control the use of CosmosDB in a Virtual Enclave | This initiative deploys Azure policies for CosmosDB ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| VirtualEnclaves | d300338e-65d1-4be3-b18e-fb4ce5715a8f | [Preview]: Control the use of AKS in a Virtual Enclave | This initiative deploys Azure policies for AKS ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| VirtualEnclaves | 8fcdb3f1-1369-426d-9917-81edfee903ab | [Preview]: Control the use of Service Bus in a Virtual Enclave | This initiative deploys Azure policies for Service Bus ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
change Version: Patch (1.1.0 > 1.1.1) |
2024-01-17 19:06:27 |
| VirtualEnclaves | 4f4dba0f-a5ee-494b-8df7-f9727dea6f37 | [Preview]: Control the use of Key Vault in a Virtual Enclave | This initiative deploys Azure policies for Key Vaults ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| VirtualEnclaves | b3fe25eb-cdc6-475f-96a5-04ac270f630d | [Preview]: Control the use of Container Registry in a Virtual Enclave | This initiative deploys Azure policies for Container Registry ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves |
add Initiative
|
2024-01-17 19:06:27 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Patch (11.6.0 > 11.6.1) |
2024-01-17 19:06:27 |
| Security Center | e77fc0b3-f7e9-4c58-bc13-cb753ed8e46e | Configure Advanced Threat Protection to be enabled on open-source relational databases | Enable Advanced Threat Protection on your non-Basic tier open-source relational databases to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. See https://aka.ms/AzDforOpenSourceDBsDocu. |
add Policy (1)
change Version: Minor (1.0.1 > 1.1.0) |
2023-12-18 19:01:50 |
| Resilience | 130fb88f-0fc9-4678-bfe1-31022d71c7d5 | [Preview]: Resources should be Zone Resilient | Some resource types can be deployed Zone Redundant (e.g. SQL Databases); some can be deploy Zone Aligned (e.g. Virtual Machines); and some can be deployed either Zone Aligned or Zone Redundant (e.g. Virtual Machine Scale Sets). Being zone aligned does not guarantee resilience, but it is the foundation on which a resilient solution can be built (e.g. three Virtual Machine Scale Sets zone aligned to three different zones in the same region with a load balancer). See https://aka.ms/AZResilience for more info. |
add Policy (12)
change Version: Minor, suffix remains equal (1.4.0-preview > 1.7.0-preview) |
2023-12-12 19:47:53 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (2)
change Version: Minor (57.25.0 > 57.27.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (1)
change Version: Minor (14.2.0 > 14.3.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
add Policy (1)
change Version: Minor, suffix remains equal (4.5.0-preview > 4.6.0-preview)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (2.5.0-preview > 2.6.0-preview)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (1)
change Version: Minor (15.6.0 > 15.7.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Policy (1)
change Version: Minor, suffix remains equal (11.4.0-deprecated > 11.5.0-deprecated)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (2.6.0-preview > 2.7.0-preview)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
change Version: Minor (2.6.0 > 2.7.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (1)
change Version: Minor (14.6.0 > 14.7.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (1)
change Version: Minor, suffix remains equal (14.2.0-deprecated > 14.3.0-deprecated)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Policy (1)
change Version: Minor (8.5.0 > 8.6.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
add Policy (1)
change Version: Minor (1.6.0 > 1.7.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (1)
change Version: Minor (17.6.0 > 17.7.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
add Policy (1)
change Version: Minor (1.5.0 > 1.6.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (1)
change Version: Minor (17.6.0 > 17.7.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
add Policy (1)
change Version: Minor (9.5.0 > 9.6.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (1.6.0-preview > 1.7.0-preview)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (1)
change Version: Minor (16.3.0 > 16.4.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (1)
change Version: Minor (17.6.0 > 17.7.0)
remove Policy (1)
|
2023-12-12 19:47:53 |
| Regulatory Compliance | 03de05a4-c324-4ccd-882f-a814ea8ab9ea | Sovereignty Baseline - Confidential Policies | The Microsoft Cloud for Sovereignty recommends confidential policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions, denying resources that are not backed by Azure Confidential Computing, and denying data storage resources that are not using Customer-Managed Keys. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
add Initiative
|
2023-12-12 19:47:53 |
| Regulatory Compliance | c1cbff38-87c0-4b9f-9f70-035c7a3b5523 | Sovereignty Baseline - Global Policies | The Microsoft Cloud for Sovereignty recommends global policies to help organizations achieve their sovereignty goals by default denying the creation of resources outside of approved regions. More details can be found here: https://aka.ms/SovereigntyBaselinePolicies |
add Initiative
|
2023-12-12 19:47:53 |
| BuiltInPolicyTest | 1bb84455-9e6e-434c-8db6-fa6d03a67e87 | Ensures resources to not have a specific tag. This is a versioning test built-in. | Denies the creation of a resource that contains the given tag. Does not apply to resource groups. |
change Version: Major (1.0.1 > 2.0.0) |
2023-12-08 20:47:32 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
add Policy (1)
change Version: Minor (9.4.0 > 9.5.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (1)
change Version: Minor (17.5.0 > 17.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (1)
change Version: Minor (16.2.0 > 16.3.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
change Version: Minor (11.5.0 > 11.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (2.5.1-preview > 2.6.0-preview)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (1)
change Version: Minor (15.5.0 > 15.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
add Policy (1)
change Version: Minor (1.4.0 > 1.5.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (1)
change Version: Minor (14.5.0 > 14.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (2.4.1-preview > 2.5.0-preview)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
add Policy (1)
change Version: Minor (2.2.0 > 2.3.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (1)
change Version: Minor (17.5.0 > 17.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
add Policy (1)
change Version: Minor (11.3.1 > 11.4.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
add Policy (1)
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
add Policy (1)
change Version: Minor (1.5.1 > 1.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Policy (1)
change Version: Minor (8.4.0 > 8.5.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 06f19060-9e68-4070-92ca-f15cc126059e | CIS Microsoft Azure Foundations Benchmark v2.0.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v2.0.0 controls. For more information, visit https://aka.ms/cisazure200-initiative |
add Policy (1)
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
change Version: Minor (2.5.1 > 2.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (1)
change Version: Minor (17.5.0 > 17.6.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (1.5.0-preview > 1.6.0-preview)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
add Policy (1)
change Version: Minor, suffix remains equal (4.4.0-preview > 4.5.0-preview)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Minor, suffix remains equal (11.3.1-deprecated > 11.4.0-deprecated)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.24.0 > 57.25.0)
remove Policy (1)
|
2023-12-07 18:54:02 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Patch, suffix remains equal (1.3.1-preview > 1.3.2-preview) |
2023-12-07 18:54:02 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Description
change DisplayName
|
2023-12-05 19:46:52 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Patch, suffix remains equal (11.3.0-deprecated > 11.3.1-deprecated) |
2023-12-01 19:16:58 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Patch (2.5.0 > 2.5.1) |
2023-12-01 19:16:58 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Patch, suffix remains equal (8.2.0-preview > 8.2.1-preview) |
2023-12-01 19:16:58 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Patch (11.3.0 > 11.3.1) |
2023-12-01 19:16:58 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
change Version: Patch, suffix remains equal (2.5.0-preview > 2.5.1-preview) |
2023-12-01 19:16:58 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Patch, suffix remains equal (2.4.0-preview > 2.4.1-preview) |
2023-12-01 19:16:58 |
| Security Center | de01d381-bae9-4670-8870-786f89f49e26 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule in the same region as the user-defined Log Analytics workspace. |
change DisplayName
change Version: Patch, old suffix: preview (1.1.0-preview > 1.1.1) |
2023-11-22 19:18:10 |
| Security Center | d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule and Log Analytics workspace in the same region as the machine. |
change DisplayName
change Version: Patch, old suffix: preview (1.2.0-preview > 1.2.1) |
2023-11-22 19:18:10 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.23.2 > 57.24.0) |
2023-11-16 20:21:34 |
| Security Center | 362ab02d-c362-417e-a525-45805d58e21d | [Deprecated]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Create a resource group, Data Collection Rule and Log Analytics workspace to store data. |
change Version: Patch, suffix remains equal (1.0.1-deprecated > 1.0.2-deprecated) |
2023-11-14 18:15:13 |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Deprecated]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. |
change Version: Patch, suffix remains equal (3.0.0-deprecated > 3.0.1-deprecated) |
2023-11-14 18:15:13 |
| Security Center | 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 | [Deprecated]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Use the user-provided Log Analytics workspace to store audit records. |
change Version: Patch, suffix remains equal (1.0.1-deprecated > 1.0.2-deprecated) |
2023-11-14 18:15:13 |
| Resilience | 130fb88f-0fc9-4678-bfe1-31022d71c7d5 | [Preview]: Resources should be Zone Resilient | Some resource types can be deployed Zone Redundant (e.g. SQL Databases); some can be deploy Zone Aligned (e.g. Virtual Machines); and some can be deployed either Zone Aligned or Zone Redundant (e.g. Virtual Machine Scale Sets). Being zone aligned does not guarantee resilience, but it is the foundation on which a resilient solution can be built (e.g. three Virtual Machine Scale Sets zone aligned to three different zones in the same region with a load balancer). See https://aka.ms/AZResilience for more info. |
add Policy (7)
change Version: Minor, suffix remains equal (1.1.0-preview > 1.4.0-preview) |
2023-11-09 19:39:25 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Patch (57.23.1 > 57.23.2) |
2023-11-09 19:39:25 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
add Policy (3)
change Version: Minor, suffix remains equal (1.2.1-preview > 1.3.1-preview) |
2023-11-03 19:40:09 |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Deprecated]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. |
change DisplayName
change Version: Version remains equal, suffix changed: new suffix: deprecated; old suffix: preview (3.0.0-preview > 3.0.0-deprecated) |
2023-11-03 19:40:09 |
| Security Center | 362ab02d-c362-417e-a525-45805d58e21d | [Deprecated]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Create a resource group, Data Collection Rule and Log Analytics workspace to store data. |
change DisplayName
change Version: Version remains equal, suffix changed: new suffix: deprecated; old suffix: preview (1.0.1-preview > 1.0.1-deprecated) |
2023-11-03 19:40:09 |
| Security Center | 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 | [Deprecated]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Use the user-provided Log Analytics workspace to store audit records. |
change DisplayName
change Version: Version remains equal, suffix changed: new suffix: deprecated; old suffix: preview (1.0.1-preview > 1.0.1-deprecated) |
2023-11-03 19:40:09 |
| Resilience | 130fb88f-0fc9-4678-bfe1-31022d71c7d5 | [Preview]: Resources should be Zone Resilient | Some resource types can be deployed Zone Redundant (e.g. SQL Databases); some can be deploy Zone Aligned (e.g. Virtual Machines); and some can be deployed either Zone Aligned or Zone Redundant (e.g. Virtual Machine Scale Sets). Being zone aligned does not guarantee resilience, but it is the foundation on which a resilient solution can be built (e.g. three Virtual Machine Scale Sets zone aligned to three different zones in the same region with a load balancer). See https://aka.ms/AZResilience for more info. |
add Initiative
|
2023-11-03 19:40:09 |
| Kubernetes | af28bf8b-c669-4dd3-9137-1e68fdc61bd6 | [Preview]: Use Image Integrity to ensure only trusted images are deployed | Use Image Integrity to ensure AKS clusters deploy only trusted images by enabling the Image Integrity and Azure Policy Add-Ons on AKS clusters. Image Integrity Add-On and Azure Policy Add-On are both pre-requisites to using Image Integrity to verify if image is signed upon deployment. For more info, visit https://aka.ms/aks/image-integrity. |
add Policy (1)
change Version: Minor, suffix remains equal (1.0.1-preview > 1.1.0-preview) |
2023-10-30 19:02:13 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Minor (1.3.0 > 1.4.0) |
2023-10-30 19:02:13 |
| Security Center | 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 | [Deprecated]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Use the user-provided Log Analytics workspace to store audit records. |
change Description
|
2023-10-27 18:02:04 |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Deprecated]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. |
change Description
|
2023-10-27 18:02:04 |
| Security Center | 362ab02d-c362-417e-a525-45805d58e21d | [Deprecated]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Create a resource group, Data Collection Rule and Log Analytics workspace to store data. |
change Description
|
2023-10-27 18:02:04 |
| Kubernetes | af28bf8b-c669-4dd3-9137-1e68fdc61bd6 | [Preview]: Use Image Integrity to ensure only trusted images are deployed | Use Image Integrity to ensure AKS clusters deploy only trusted images by enabling the Image Integrity and Azure Policy Add-Ons on AKS clusters. Image Integrity Add-On and Azure Policy Add-On are both pre-requisites to using Image Integrity to verify if image is signed upon deployment. For more info, visit https://aka.ms/aks/image-integrity. |
change Version: Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview) |
2023-10-19 18:01:48 |
| Kubernetes | af28bf8b-c669-4dd3-9137-1e68fdc61bd6 | [Preview]: Use Image Integrity to ensure only trusted images are deployed | Use Image Integrity to ensure AKS clusters deploy only trusted images by enabling the Image Integrity and Azure Policy Add-Ons on AKS clusters. Image Integrity Add-On and Azure Policy Add-On are both pre-requisites to using Image Integrity to verify if image is signed upon deployment. For more info, visit https://aka.ms/aks/image-integrity. |
change Description
|
2023-10-16 18:02:29 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
add Policy (1)
change Version: Minor, suffix remains equal (1.1.1-preview > 1.2.1-preview) |
2023-10-11 18:00:02 |
| Regulatory Compliance | 6ce73208-883e-490f-a2ac-44aac3b3687f | NL BIO Cloud Theme | This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls. |
add Initiative
|
2023-10-03 17:59:51 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Patch (57.23.0 > 57.23.1) |
2023-09-21 17:57:51 |
| Security Center | de01d381-bae9-4670-8870-786f89f49e26 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule in the same region as the user-defined Log Analytics workspace. |
change Description
change DisplayName
|
2023-09-18 18:02:04 |
| Security Center | d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule and Log Analytics workspace in the same region as the machine. |
change Description
change DisplayName
|
2023-09-18 18:02:04 |
| Security Center | d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule and Log Analytics workspace in the same region as the machine. |
change Version: Minor, suffix remains equal (1.1.0-preview > 1.2.0-preview) |
2023-09-14 17:58:18 |
| Security Center | de01d381-bae9-4670-8870-786f89f49e26 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule in the same region as the user-defined Log Analytics workspace. |
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview) |
2023-09-14 17:58:18 |
| BuiltInPolicyTest | 1bb84455-9e6e-434c-8db6-fa6d03a67e87 | Ensures resources to not have a specific tag. This is a versioning test built-in. | Denies the creation of a resource that contains the given tag. Does not apply to resource groups. |
change Version: Patch (1.0.0 > 1.0.1) |
2023-09-14 17:58:18 |
| BuiltInPolicyTest | 1bb84455-9e6e-434c-8db6-fa6d03a67e87 | Ensures resources to not have a specific tag. This is a versioning test built-in. | Denies the creation of a resource that contains the given tag. Does not apply to resource groups. |
change Description
change DisplayName
|
2023-09-13 04:18:43 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Description
|
2023-09-13 04:18:43 |
| Regulatory Compliance | 06f19060-9e68-4070-92ca-f15cc126059e | CIS Microsoft Azure Foundations Benchmark v2.0.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v2.0.0 controls. For more information, visit https://aka.ms/cisazure200-initiative |
add Initiative
|
2023-09-06 19:45:48 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Patch (1.5.0 > 1.5.1) |
2023-09-06 19:45:48 |
| Kubernetes | af28bf8b-c669-4dd3-9137-1e68fdc61bd6 | [Preview]: Use Image Integrity to ensure only trusted images are deployed | Use Image Integrity to ensure AKS clusters deploy only trusted images by enabling the Image Integrity and Azure Policy Add-Ons on AKS clusters. Image Integrity Add-On and Azure Policy Add-On are both pre-requisites to using Image Integrity to verify if image is signed upon deployment. For more info, visit https://aka.ms/aks/image-integrity. |
add Initiative
|
2023-09-06 19:45:48 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (9)
change Version: Minor (57.22.0 > 57.23.0) |
2023-08-31 17:59:16 |
| Security Center | d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule and Log Analytics workspace in the same region as the machine. |
add Initiative
|
2023-08-25 17:58:14 |
| Security Center | de01d381-bae9-4670-8870-786f89f49e26 | Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace | Microsoft Defender for SQL collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and a Data Collection Rule in the same region as the user-defined Log Analytics workspace. |
add Initiative
|
2023-08-25 17:58:14 |
| Monitoring | 9dffaf29-5905-4145-883c-957eb442c226 | [Deprecated]: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines (VMs) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change DisplayName
change Version: Patch, suffix remains equal (1.2.1-preview > 1.2.2-preview) |
2023-08-17 17:57:06 |
| Monitoring | 1f9b0c83-b4fa-4585-a686-72b74aeabcfd | [Deprecated]: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines scale set (VMSS) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change DisplayName
change Version: Patch, suffix remains equal (1.2.1-preview > 1.2.2-preview) |
2023-08-17 17:57:06 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.20.0 > 57.22.0) |
2023-08-17 17:57:06 |
| Monitoring | 59e9c3eb-d8df-473b-8059-23fd38ddd0f0 | [Deprecated]: Enable Azure Monitor for Hybrid VMs with AMA | Enable Azure Monitor for the hybrid virtual machines with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change DisplayName
change Version: Patch, suffix remains equal (2.1.1-preview > 2.1.2-preview) |
2023-08-17 17:57:06 |
| Monitoring | 924bfe3a-762f-40e7-86dd-5c8b95eb09e6 | Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines (VMs) with AMA. |
add Initiative
|
2023-08-17 17:57:06 |
| Monitoring | 2b00397d-c309-49c4-aa5a-f0b2c5bc6321 | Enable Azure Monitor for Hybrid VMs with AMA | Enable Azure Monitor for the hybrid virtual machines with AMA. |
add Initiative
|
2023-08-17 17:57:06 |
| Monitoring | f5bf694c-cca7-4033-b883-3a23327d5485 | Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines scale set (VMSS) with AMA. |
add Initiative
|
2023-08-17 17:57:06 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (2)
change Version: Minor (57.19.0 > 57.20.0) |
2023-08-09 17:56:06 |
| General | 0a2ebd47-3fb9-4735-a006-b7f31ddadd9f | Allow Usage Cost Resources | Allow resources to be deployed except MCPP, M365. |
add Initiative
|
2023-08-09 17:56:06 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Patch, suffix remains equal (1.1.0-preview > 1.1.1-preview) |
2023-07-28 20:08:16 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Description
|
2023-07-24 17:56:15 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.18.0 > 57.19.0) |
2023-06-29 17:48:40 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.16.0 > 57.18.0) |
2023-06-21 17:48:55 |
| Monitoring | 9dffaf29-5905-4145-883c-957eb442c226 | [Deprecated]: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines (VMs) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change Version: Minor, suffix remains equal (1.1.1-preview > 1.2.1-preview) |
2023-06-21 17:48:55 |
| Monitoring | 1f9b0c83-b4fa-4585-a686-72b74aeabcfd | [Deprecated]: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines scale set (VMSS) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change Version: Minor, suffix remains equal (1.1.1-preview > 1.2.1-preview) |
2023-06-21 17:48:55 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.14.0 > 57.16.0)
remove Policy (1)
|
2023-06-14 17:46:13 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.3.0 > 1.4.0)
remove Policy (1)
|
2023-06-14 17:46:13 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
change Version: Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview) |
2023-06-08 17:46:29 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (11)
change Version: Minor (57.12.0 > 57.14.0) |
2023-05-25 17:42:57 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.11.1 > 57.12.0)
remove Policy (1)
|
2023-05-18 17:45:27 |
| Monitoring | 0d1b56c6-6d1f-4a5d-8695-b15efbea6b49 | Deploy Windows Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Windows virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (2.1.0 > 2.2.0) |
2023-05-18 17:45:27 |
| Monitoring | babf8e94-780b-4b4d-abaa-4830136a8725 | Deploy Linux Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Linux virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (2.1.0 > 2.2.0) |
2023-05-18 17:45:27 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.2.0 > 1.3.0) |
2023-05-10 17:45:01 |
| Kubernetes | c047ea8e-9c78-49b2-958b-37e56d291a44 | [Preview]: Deployment safeguards should help guide developers towards AKS recommended best practices | A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use deployment safeguards to assign this policy initiative: https://aka.ms/aks/deployment-safeguards. Azure Policy Add-On for AKS is a pre-requisite for applying these best practices to your clusters. For instructions on enabling the Azure Policy Add-On, go to aka.ms/akspolicydoc |
add Initiative
|
2023-05-10 17:45:01 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Patch (57.11.0 > 57.11.1) |
2023-05-10 17:45:01 |
| Guest Configuration | 8bc55e6b-e9d5-4266-8dac-f688d151ec9c | [Deprecated]: Audit Windows web servers that are not using secure communication protocols | This initiative deploys the policy requirements and audits Windows web servers that are not using secure communication protocols (TLS 1.1 or TLS 1.2). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change Version: Minor, suffix remains equal (1.0.0-deprecated > 1.1.0-deprecated) |
2023-05-10 17:45:01 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Description
change DisplayName
|
2023-05-08 17:43:54 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Policy (8)
change Version: Minor, suffix remains equal (11.1.0-deprecated > 11.3.0-deprecated)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (8)
change Version: Minor, suffix remains equal (14.0.0-deprecated > 14.2.0-deprecated)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (8)
change Version: Minor (17.3.0 > 17.5.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
add Policy (8)
change Version: Minor (11.1.0 > 11.3.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
add Policy (8)
change Version: Minor, suffix remains equal (2.3.0-preview > 2.5.0-preview)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
add Policy (8)
change Version: Minor, suffix remains equal (9.0.0-deprecated > 9.2.0-deprecated)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
add Policy (8)
change Version: Minor, suffix remains equal (2.2.0-preview > 2.4.0-preview)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (8)
change Version: Minor (17.3.0 > 17.5.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
add Policy (8)
change Version: Minor (9.2.0 > 9.4.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (8)
change Version: Minor (2.3.0 > 2.5.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (8)
change Version: Minor (15.3.0 > 15.5.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (8)
change Version: Minor (17.3.0 > 17.5.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (8)
change Version: Minor (14.3.0 > 14.5.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (7)
change Version: Minor (11.3.0 > 11.5.0)
remove Policy (12)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
add Policy (6)
change Version: Minor (1.3.0 > 1.5.0)
remove Policy (11)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (6)
change Version: Minor (16.0.0 > 16.2.0)
remove Policy (11)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Policy (6)
change Version: Minor (8.2.0 > 8.4.0)
remove Policy (11)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
add Policy (8)
change Version: Minor, suffix remains equal (4.3.0-preview > 4.4.0-preview)
remove Policy (8)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
add Policy (8)
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (8)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
add Policy (8)
change Version: Minor (9.0.0 > 9.1.0)
remove Policy (8)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
add Policy (8)
change Version: Minor (8.0.0 > 8.1.0)
remove Policy (8)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
add Policy (8)
change Version: Minor (2.1.0 > 2.2.0)
remove Policy (8)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
add Policy (3)
change Version: Minor, suffix remains equal (1.3.0-preview > 1.5.0-preview)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
add Policy (8)
change Version: Minor, suffix remains equal (6.0.0-preview > 6.1.0-preview)
remove Policy (8)
|
2023-05-04 17:45:12 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (2)
change Version: Minor (57.7.0 > 57.11.0)
remove Policy (13)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
add Policy (7)
change Version: Minor (6.0.0 > 6.1.0)
remove Policy (7)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
add Policy (7)
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (7)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
add Policy (7)
change Version: Minor (8.0.0 > 8.1.0)
remove Policy (7)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
add Policy (7)
change Version: Minor, suffix remains equal (8.1.0-preview > 8.2.0-preview)
remove Policy (7)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
add Policy (7)
change Version: Minor (8.0.0 > 8.1.0)
remove Policy (7)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (5)
change Version: Minor (14.1.0 > 14.2.0)
remove Policy (5)
|
2023-05-04 17:45:12 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
add Policy (2)
change Version: Minor, suffix remains equal (4.0.3-preview > 4.1.0-preview)
remove Policy (2)
|
2023-05-04 17:45:12 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Minor (1.2.1 > 1.3.0) |
2023-05-04 17:45:12 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Minor (2.3.1 > 2.4.0) |
2023-05-04 17:45:12 |
| Guest Configuration | 095e4ed9-c835-4ab6-9439-b5644362a06c | Audit machines with insecure password security settings | This initiative deploys the policy requirements and audits machines with insecure password security settings. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change Version: Minor (1.0.0 > 1.1.0) |
2023-04-28 17:43:07 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (9)
change Version: Minor (57.5.0 > 57.7.0) |
2023-04-20 17:41:20 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
change Version: Minor (4.0.0 > 4.1.0) |
2023-04-06 17:42:17 |
| Monitoring | 9575b8b7-78ab-4281-b53b-d3c1ace2260b | Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Windows virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (3.0.0 > 3.1.0) |
2023-04-06 17:42:17 |
| Monitoring | 0d1b56c6-6d1f-4a5d-8695-b15efbea6b49 | Deploy Windows Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Windows virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (2.0.0 > 2.1.0) |
2023-04-06 17:42:17 |
| Monitoring | 118f04da-0375-44d1-84e3-0fd9e1849403 | Configure Linux machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Linux virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (3.0.0 > 3.1.0) |
2023-04-06 17:42:17 |
| Managed Identity | 5e4ee281-95a3-442a-bb2a-5ef68cf5181a | [Preview]: Managed Identity Federated Credentials should be of approved types from approved federation sources | Control use of federated credentials for Managed Identities. This initiative incudes policies to block federated identity credentials altogether, to limit use to specific federation provider types, and to limit federation reationships to approved sources. |
add Initiative
|
2023-04-06 17:42:17 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (57.4.0 > 57.5.0) |
2023-04-06 17:42:17 |
| Monitoring | babf8e94-780b-4b4d-abaa-4830136a8725 | Deploy Linux Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Linux virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Minor (2.0.0 > 2.1.0) |
2023-04-06 17:42:17 |
| BuiltInPolicyTest | 1bb84455-9e6e-434c-8db6-fa6d03a67e87 | Ensures resources to not have a specific tag. This is a versioning test built-in. | Denies the creation of a resource that contains the given tag. Does not apply to resource groups. |
add Initiative
|
2023-04-06 17:42:17 |
| SDN | 7379ef4c-89b0-48b6-a5cc-fd3a75eaef93 | Evaluate Private Link Usage Across All Supported Azure Resources | Compliant resources have at least one approved private endpoint connection |
add Policy (1)
change Version: Minor (1.0.2 > 1.1.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (1)
change Version: Minor (15.2.0 > 15.3.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
change Version: Minor (11.2.0 > 11.3.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (1)
change Version: Minor (14.2.0 > 14.3.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (1)
change Version: Minor (17.2.0 > 17.3.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (2.2.0-preview > 2.3.0-preview)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Policy (1)
change Version: Minor, suffix remains equal (11.0.1-deprecated > 11.1.0-deprecated)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
change Version: Minor (2.2.0 > 2.3.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (1)
change Version: Minor (17.2.0 > 17.3.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.3.1 > 57.4.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (1.2.0-preview > 1.3.0-preview)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (1)
change Version: Minor (17.2.0 > 17.3.0)
remove Policy (1)
|
2023-03-23 18:43:19 |
| Guest Configuration | ee6f9c39-ca6c-4937-b5b7-f6d9775a6f17 | Configure secure communication protocols(TLS 1.1 or TLS 1.2) on Windows machine(including prerequisites) | Creates a Guest Configuration assignment(including prerequisites) to configure specified secure protocol version(TLS 1.1 or TLS 1.2) on Windows machine. For details, visit https://aka.ms/SetSecureProtocol |
add Initiative
|
2023-03-23 18:43:19 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (4)
change Version: Minor (57.2.0 > 57.3.1) |
2023-03-16 18:42:41 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.1.0 > 57.2.0) |
2023-03-08 18:42:28 |
| Automanage | c138fd1a-e08f-4318-9490-d11ef2c2f9c1 | [Preview]: Audit configuration against Automanage Best Practices | Automanage Machine Best Practices ensures that managed resources are setup in accordance with the desired state as defined in the assigned Configuration Profile. |
add Initiative
|
2023-03-02 18:49:38 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (1)
change Version: Minor (17.0.0 > 17.2.0)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (1)
change Version: Minor (14.0.0 > 14.2.0)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Minor (57.0.0 > 57.1.0)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (1)
change Version: Minor (15.0.0 > 15.2.0)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (1)
change Version: Minor (17.0.0 > 17.2.0)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (1)
change Version: Minor (17.0.0 > 17.2.0)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (2.0.0-preview > 2.2.0-preview)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
add Policy (1)
change Version: Minor, suffix remains equal (4.1.0-preview > 4.3.0-preview)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
add Policy (1)
change Version: Minor, suffix remains equal (2.1.0-preview > 2.2.0-preview)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Minor, suffix remains equal (1.0.2-preview > 1.2.0-preview)
remove Policy (2)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Policy (1)
change Version: Patch, suffix remains equal (11.0.0-deprecated > 11.0.1-deprecated)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor (11.1.0 > 11.2.0)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Version: Minor (2.0.0 > 2.1.0)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.1.0 > 8.2.0)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Minor (14.0.0 > 14.1.0)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor (2.1.0 > 2.2.0)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Minor (9.1.0 > 9.2.0)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Minor (1.2.0 > 1.3.0)
remove Policy (1)
|
2023-02-21 18:41:21 |
| Monitoring | 8d723fb6-6680-45be-9d37-b1a4adb52207 | Enable audit category group resource logging for supported resources to storage | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to storage for all supported resources. |
add Initiative
|
2023-02-16 18:41:09 |
| Monitoring | f5b29bc4-feca-4cc6-a58a-772dd5e290a5 | Enable audit category group resource logging for supported resources to Log Analytics | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to Log Analytics for all supported resources. |
add Initiative
|
2023-02-16 18:41:09 |
| Monitoring | 1020d527-2764-4230-92cc-7035e4fcf8a7 | Enable audit category group resource logging for supported resources to Event Hub | Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to Event Hub for all supported resources |
add Initiative
|
2023-02-16 18:41:09 |
| SDN | 7379ef4c-89b0-48b6-a5cc-fd3a75eaef93 | Evaluate Private Link Usage Across All Supported Azure Resources | Compliant resources have at least one approved private endpoint connection |
change Version: Patch (1.0.1 > 1.0.2) |
2023-02-09 18:41:57 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Patch, suffix remains equal (1.0.1-preview > 1.0.2-preview) |
2023-02-09 18:41:57 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
change Version: Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview) |
2023-01-26 18:07:17 |
| SDN | 7379ef4c-89b0-48b6-a5cc-fd3a75eaef93 | Evaluate Private Link Usage Across All Supported Azure Resources | Compliant resources have at least one approved private endpoint connection |
change Version: Patch (1.0.0 > 1.0.1) |
2023-01-26 18:07:17 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change DisplayName
change Version: Minor, old suffix: preview (9.0.0-preview > 9.1.0)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Minor, suffix remains equal (4.0.0-preview > 4.1.0-preview)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Minor, suffix remains equal (2.0.0-preview > 2.1.0-preview)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor (11.0.0 > 11.1.0)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (8.0.0 > 8.1.0)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Minor (11.0.0 > 11.1.0)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Minor, suffix remains equal (8.0.0-preview > 8.1.0-preview)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Minor (2.0.1 > 2.1.0)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
change Version: Minor (1.1.0 > 1.2.0)
remove Policy (1)
|
2023-01-19 18:07:18 |
| Regulatory Compliance | 80307b86-ab81-45ab-bf4f-4e0b93cf3dd5 | ACAT for Microsoft 365 Certification | App Compliance Automation Tool for Microsoft 365 (ACAT) simplifies the process to achieve Microsoft 365 Certification, see https://aka.ms/acat. This certification ensures that apps have strong security and compliance practices in place to protect customer data, security, and privacy. This initiative includes policies that address a subset of the Microsoft 365 Certification controls. Additional policies will be added in upcoming releases. |
add Initiative
|
2023-01-19 18:07:18 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (3)
change Version: Major (55.0.0 > 57.0.0) |
2022-12-21 17:43:48 |
| Monitoring | 118f04da-0375-44d1-84e3-0fd9e1849403 | Configure Linux machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Linux virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Major (2.0.0 > 3.0.0) |
2022-12-21 17:43:48 |
| Monitoring | 9575b8b7-78ab-4281-b53b-d3c1ace2260b | Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Windows virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Major (2.0.0 > 3.0.0) |
2022-12-21 17:43:48 |
| ChangeTrackingAndInventory | c4a70814-96be-461c-889f-2b27429120dc | Enable ChangeTracking and Inventory for virtual machine scale sets | Enable ChangeTracking and Inventory for virtual machine scale sets. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations and user-assigned identity for Azure Monitor Agent. |
add Initiative
|
2022-12-21 17:43:48 |
| ChangeTrackingAndInventory | 92a36f05-ebc9-4bba-9128-b47ad2ea3354 | Enable ChangeTracking and Inventory for virtual machines | Enable ChangeTracking and Inventory for virtual machines. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations and user-assigned identity for Azure Monitor Agent. |
add Initiative
|
2022-12-21 17:43:48 |
| Monitoring | 0d1b56c6-6d1f-4a5d-8695-b15efbea6b49 | Deploy Windows Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Windows virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Major (1.0.0 > 2.0.0) |
2022-12-21 17:43:48 |
| Monitoring | babf8e94-780b-4b4d-abaa-4830136a8725 | Deploy Linux Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Linux virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Version: Major (1.0.0 > 2.0.0) |
2022-12-21 17:43:48 |
| ChangeTrackingAndInventory | 53448c70-089b-4f52-8f38-89196d7f2de1 | Enable ChangeTracking and Inventory for Arc-enabled virtual machines | Enable ChangeTracking and Inventory for Arc-enabled virtual machines. Takes Data Collection Rule ID as parameter and asks for an option to input applicable locations. |
add Initiative
|
2022-12-21 17:43:48 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Major (54.1.1 > 55.0.0) |
2022-11-11 17:43:56 |
| Regulatory Compliance | d0d5578d-cc08-2b22-31e3-f525374f235a | [Preview]: Reserve Bank of India - IT Framework for Banks | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Banks controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfbanks-initiative. |
add Initiative
|
2022-09-28 16:34:30 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (496)
change Version: Major (16.0.1 > 17.0.0)
remove Policy (728)
|
2022-09-27 16:35:21 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (481)
change Version: Major (13.0.0 > 14.0.0)
remove Policy (709)
|
2022-09-27 16:35:21 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (496)
change Version: Major (16.0.0 > 17.0.0) |
2022-09-27 16:35:21 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (496)
change Version: Major (13.0.0 > 14.0.0) |
2022-09-27 16:35:21 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (427)
change Version: Major (16.0.0 > 17.0.0) |
2022-09-27 16:35:21 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
add Policy (410)
change Version: Major (7.0.0 > 8.0.0) |
2022-09-27 16:35:21 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
add Policy (247)
change DisplayName
change Version: Major, old suffix: preview (1.0.0-preview > 2.0.0) |
2022-09-27 16:35:21 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Patch (1.2.0 > 1.2.1) |
2022-09-27 16:35:21 |
| Regulatory Compliance | c676748e-3af9-4e22-bc28-50feed564afb | PCI DSS v4 | The Payment Card Industry (PCI) Data Security Standards (DSS) is a global information security standard designed to prevent fraud through increased control of credit card data. Compliance with PCI DSS is required for any organization that stores, processes, or transmits payment and cardholder data. These policies address a subset of PCI-DSS v4 controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/pci-dss-3-2-1 |
add Initiative
|
2022-09-27 16:35:21 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Patch (54.1.0 > 54.1.1) |
2022-09-27 16:35:21 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Patch (2.3.0 > 2.3.1) |
2022-09-27 16:35:21 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Description
|
2022-09-21 16:34:39 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Description
|
2022-09-21 16:34:39 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Description
|
2022-09-21 16:34:39 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
change Description
|
2022-09-21 16:34:39 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Description
|
2022-09-21 16:34:39 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Description
|
2022-09-21 16:34:39 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Description
|
2022-09-21 16:34:39 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Description
|
2022-09-21 16:34:39 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Description
|
2022-09-21 16:34:39 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (224)
change Version: Major (14.0.0 > 15.0.0) |
2022-09-16 16:31:45 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Policy (93)
change Version: Major (7.0.0 > 8.0.0) |
2022-09-16 16:31:45 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (82)
change Version: Major (15.0.0 > 16.0.0) |
2022-09-16 16:31:45 |
| Regulatory Compliance | 4054785f-702b-4a98-9215-009cbd58b141 | SOC 2 Type 2 | A System and Organization Controls (SOC) 2 is a report based on the Trust Service Principles and Criteria established by the American Institute of Certified Public Accountants (AICPA). The Report evaluates an organization's information system relevant to the following principles: security, availability, processing integrity, confidentiality and privacy. These policies address a subset of SOC 2 Type 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-soc-2 |
add Initiative
|
2022-09-16 16:31:45 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Description
|
2022-09-13 16:35:24 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Description
|
2022-09-13 16:35:24 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
add Policy (90)
change Version: Minor (1.0.0 > 1.1.0)
remove Policy (1)
|
2022-09-09 16:35:25 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (2)
change Version: Minor (54.0.0 > 54.1.0) |
2022-09-09 16:35:25 |
| Security Center | 9cb3cc7a-b39b-4b82-bc89-e5a5d9ff7b97 | Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances | Enable Azure Defender on your SQL Servers and SQL Managed Instances to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. |
add Policy (1)
change Version: Major (2.0.1 > 3.0.0) |
2022-09-09 16:35:25 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Description
|
2022-09-05 16:34:24 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (8)
change Version: Major (53.0.0 > 54.0.0) |
2022-09-01 16:38:24 |
| Monitoring | 9dffaf29-5905-4145-883c-957eb442c226 | [Deprecated]: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines (VMs) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change DisplayName
change Version: Minor, new suffix: preview (1.0.0 > 1.1.1-preview) |
2022-09-01 16:38:24 |
| Monitoring | 1f9b0c83-b4fa-4585-a686-72b74aeabcfd | [Deprecated]: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines scale set (VMSS) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change DisplayName
change Version: Minor, new suffix: preview (1.0.0 > 1.1.1-preview) |
2022-09-01 16:38:24 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change DisplayName
change Version: Patch, old suffix: preview (2.0.0-preview > 2.0.1) |
2022-09-01 16:38:24 |
| Monitoring | 59e9c3eb-d8df-473b-8059-23fd38ddd0f0 | [Deprecated]: Enable Azure Monitor for Hybrid VMs with AMA | Enable Azure Monitor for the hybrid virtual machines with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
change DisplayName
change Version: Minor, new suffix: preview (2.0.0 > 2.1.1-preview) |
2022-09-01 16:38:24 |
| Regulatory Compliance | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 | CIS Microsoft Azure Foundations Benchmark v1.4.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.4.0 controls. For more information, visit https://aka.ms/cisazure140-initiative |
add Initiative
|
2022-09-01 16:38:24 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Description
|
2022-08-31 16:35:07 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Major (52.0.0 > 53.0.0)
remove Policy (8)
|
2022-08-18 16:32:47 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
add Policy (2)
change Version: Major (3.0.0 > 4.0.0) |
2022-08-18 16:32:47 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Patch (16.0.0 > 16.0.1) |
2022-08-18 16:32:47 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (8)
change Version: Major (51.0.0 > 52.0.0) |
2022-08-12 16:33:44 |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Legacy - Enable Azure Monitor for VMs | Legacy - Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) |
change Version: Patch (2.0.0 > 2.0.1) |
2022-08-12 16:33:44 |
| Security Center | 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 | [Deprecated]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Use the user-provided Log Analytics workspace to store audit records. |
change Version: Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview) |
2022-08-12 16:33:44 |
| Monitoring | 75714362-cae7-409e-9b99-a8e5075b7fad | Legacy - Enable Azure Monitor for Virtual Machine Scale Sets | Legacy - Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA). Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances. |
change Version: Patch (1.0.1 > 1.0.2) |
2022-08-12 16:33:44 |
| Security Center | 362ab02d-c362-417e-a525-45805d58e21d | [Deprecated]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Create a resource group, Data Collection Rule and Log Analytics workspace to store data. |
change Version: Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview) |
2022-08-12 16:33:44 |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Legacy - Enable Azure Monitor for VMs | Legacy - Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) |
change Description
change DisplayName
|
2022-08-08 16:31:57 |
| Security Center | 362ab02d-c362-417e-a525-45805d58e21d | [Deprecated]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Create a resource group, Data Collection Rule and Log Analytics workspace to store data. |
change Description
change DisplayName
|
2022-08-08 16:31:57 |
| Monitoring | 75714362-cae7-409e-9b99-a8e5075b7fad | Legacy - Enable Azure Monitor for Virtual Machine Scale Sets | Legacy - Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA). Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances. |
change Description
change DisplayName
|
2022-08-08 16:31:57 |
| Security Center | 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 | [Deprecated]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Use the user-provided Log Analytics workspace to store audit records. |
change DisplayName
|
2022-08-08 16:31:57 |
| Monitoring | 9dffaf29-5905-4145-883c-957eb442c226 | [Deprecated]: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines (VMs) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
add Initiative
|
2022-07-29 16:32:43 |
| Monitoring | 59e9c3eb-d8df-473b-8059-23fd38ddd0f0 | [Deprecated]: Enable Azure Monitor for Hybrid VMs with AMA | Enable Azure Monitor for the hybrid virtual machines with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
add Initiative
|
2022-07-29 16:32:43 |
| Monitoring | 1f9b0c83-b4fa-4585-a686-72b74aeabcfd | [Deprecated]: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA) | Enable Azure Monitor for the virtual machines scale set (VMSS) with AMA. Takes Log Analytics workspace as parameter and asks for an option to enable Processes and Dependencies. |
add Initiative
|
2022-07-29 16:32:43 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
add Policy (4)
change Version: Major (2.0.0 > 3.0.0) |
2022-07-27 16:33:05 |
| Security Center | e77fc0b3-f7e9-4c58-bc13-cb753ed8e46e | Configure Advanced Threat Protection to be enabled on open-source relational databases | Enable Advanced Threat Protection on your non-Basic tier open-source relational databases to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. See https://aka.ms/AzDforOpenSourceDBsDocu. |
change Version: Patch (1.0.0 > 1.0.1) |
2022-07-27 16:33:05 |
| Security Center | 9cb3cc7a-b39b-4b82-bc89-e5a5d9ff7b97 | Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances | Enable Azure Defender on your SQL Servers and SQL Managed Instances to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. |
change Version: Patch (2.0.0 > 2.0.1) |
2022-07-27 16:33:05 |
| Security Center | 9d46421d-1a48-4636-8d1a-5525ed29172d | Configure Microsoft Defender for Databases to be enabled | Configure Microsoft Defender for Databases to protect your Azure SQL Databases, Managed Instances, Open-source relational databases and Cosmos DB. |
add Initiative
|
2022-07-21 16:31:46 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
remove Policy (11)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Major, suffix remains equal (8.0.0-preview > 9.0.0-preview)
remove Policy (11)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Major (13.0.0 > 14.0.0)
remove Policy (10)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Major (12.0.0 > 13.0.0)
remove Policy (10)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Major (15.0.0 > 16.0.0)
remove Policy (10)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Major (15.0.0 > 16.0.0)
remove Policy (10)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Major (15.0.0 > 16.0.0)
remove Policy (10)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Major (6.1.0 > 7.0.0)
remove Policy (9)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Major, suffix remains equal (10.0.0-deprecated > 11.0.0-deprecated)
remove Policy (9)
|
2022-07-07 16:32:14 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Major (50.3.0 > 51.0.0)
remove Policy (9)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Version: Major, suffix remains equal (13.0.0-deprecated > 14.0.0-deprecated)
remove Policy (8)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Version: Major (14.0.0 > 15.0.0)
remove Policy (8)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Major (10.0.0 > 11.0.0)
remove Policy (8)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
change Version: Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
remove Policy (7)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Major (10.0.0 > 11.0.0)
remove Policy (7)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Major, suffix remains equal (8.0.0-deprecated > 9.0.0-deprecated)
remove Policy (6)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Major, suffix remains equal (3.0.0-preview > 4.0.0-preview)
remove Policy (4)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Major (12.0.0 > 13.0.0)
remove Policy (3)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Major, suffix remains equal (7.0.0-preview > 8.0.0-preview)
remove Policy (2)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Major (8.0.0 > 9.0.0)
remove Policy (1)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Major, suffix remains equal (5.0.0-preview > 6.0.0-preview)
remove Policy (1)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Major (7.0.0 > 8.0.0)
remove Policy (1)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Major (7.0.0 > 8.0.0)
remove Policy (1)
|
2022-07-07 16:32:14 |
| Regulatory Compliance | 4e50fd13-098b-3206-61d6-d1d78205cb45 | [Preview]: CMMC 2.0 Level 2 | This initiative includes policies that address a subset of CMMC 2.0 Level 2 practices. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc2l2-initiative. |
add Initiative
|
2022-07-07 16:32:14 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (50.2.0 > 50.3.0) |
2022-06-30 16:33:05 |
| Guest Configuration | 2b0ce52e-301c-4221-ab38-1601e2b4cee3 | [Preview]: Deploy prerequisites to enable Guest Configuration policies on virtual machines using user-assigned managed identity | This initiative adds a user-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. |
add Initiative
|
2022-06-30 16:33:05 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (50.1.0 > 50.2.0) |
2022-06-23 16:36:57 |
| Monitoring | babf8e94-780b-4b4d-abaa-4830136a8725 | Deploy Linux Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Linux virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
add Initiative
|
2022-06-23 16:36:57 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
change DisplayName
|
2022-06-21 16:34:04 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
add Policy (17)
change Version: Major (1.0.0 > 2.0.0) |
2022-06-16 16:34:43 |
| SDN | 7379ef4c-89b0-48b6-a5cc-fd3a75eaef93 | Evaluate Private Link Usage Across All Supported Azure Resources | Compliant resources have at least one approved private endpoint connection |
add Initiative
|
2022-06-16 16:34:43 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (50.0.0 > 50.1.0) |
2022-06-16 16:34:43 |
| Regulatory Compliance | 7bc7cd6c-4114-ff31-3cac-59be3157596d | SWIFT CSP-CSCF v2022 | SWIFT's Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up to date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have implemented with those detailed in the Customer Security Controls Framework (CSCF). These policies address a subset of SWIFT controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/swift-cscf-v2021 |
add Initiative
|
2022-06-16 16:34:43 |
| Monitoring | 0d1b56c6-6d1f-4a5d-8695-b15efbea6b49 | Deploy Windows Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule | Monitor your Windows virtual machines and virtual machine scale sets by deploying the Azure Monitor Agent extension with user-assigned managed identity authentication and associating with specified Data Collection Rule. Azure Monitor Agent Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
add Initiative
|
2022-06-16 16:34:43 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Major, suffix remains equal (9.0.0-deprecated > 10.0.0-deprecated)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Major (5.0.0 > 7.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Major (5.1.1 > 7.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Version: Major, suffix remains equal (11.0.0-deprecated > 13.0.0-deprecated)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Major (14.0.0 > 15.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change Version: Major (8.1.0 > 10.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Major (14.0.0 > 15.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Major (5.1.1 > 7.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Major, suffix remains equal (2.0.1-preview > 3.0.0-preview)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Major, suffix remains equal (6.0.0-preview > 8.0.0-preview)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Major (11.0.0 > 12.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Major (6.0.1 > 8.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change Version: Major (9.0.0 > 10.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Version: Major (4.0.0 > 6.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Version: Major, suffix remains equal (6.1.1-deprecated > 8.0.0-deprecated)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Version: Major, suffix remains equal (5.1.0-preview > 7.0.0-preview)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Major (10.1.1 > 12.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Major (14.0.0 > 15.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Major, suffix remains equal (3.1.1-preview > 5.0.0-preview)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Major (12.0.0 > 13.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Major (49.0.0 > 50.0.0)
remove Policy (1)
|
2022-06-10 16:31:22 |
| Regulatory Compliance | 93d2179e-3068-c82f-2428-d614ae836a04 | [Deprecated]: New Zealand ISM Restricted v3.5 | This initiative includes policies that address a subset of New Zealand Information Security Manual v3.5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Initiative
|
2022-06-02 16:30:53 |
| Regulatory Compliance | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | [Preview]: Reserve Bank of India - IT Framework for NBFC | This initiative includes policies that address a subset of Reserve Bank of India IT Framework for Non-Banking Financial Companies (NBFC) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/rbiitfnbfc-initiative. |
add Initiative
|
2022-06-02 16:30:53 |
| Security Center | 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 | [Deprecated]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Use the user-provided Log Analytics workspace to store audit records. |
add Initiative
|
2022-06-02 16:30:53 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Patch, suffix remains equal (2.0.0-preview > 2.0.1-preview) |
2022-06-02 16:30:53 |
| Security Center | 362ab02d-c362-417e-a525-45805d58e21d | [Deprecated]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. Create a resource group, Data Collection Rule and Log Analytics workspace to store data. |
add Initiative
|
2022-06-02 16:30:53 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Description
change DisplayName
|
2022-05-31 16:32:27 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (2)
change Version: Major (12.0.0 > 14.0.0)
remove Policy (3)
|
2022-05-26 16:30:17 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (2)
change Version: Major (9.0.0 > 11.0.0)
remove Policy (3)
|
2022-05-26 16:30:17 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (2)
change Version: Major (12.0.0 > 14.0.0)
remove Policy (3)
|
2022-05-26 16:30:17 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (2)
change Version: Major (10.0.0 > 12.0.0)
remove Policy (3)
|
2022-05-26 16:30:17 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (2)
change Version: Major (12.0.0 > 14.0.0)
remove Policy (3)
|
2022-05-26 16:30:17 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
change Version: Major (7.0.0 > 9.0.0)
remove Policy (2)
|
2022-05-26 16:30:17 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Policy (1)
change Version: Major, suffix remains equal (8.0.0-deprecated > 9.0.0-deprecated)
remove Policy (1)
|
2022-05-26 16:30:17 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Major (48.2.0 > 49.0.0)
remove Policy (1)
|
2022-05-26 16:30:17 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Minor (2.2.0 > 2.3.0) |
2022-05-19 16:30:35 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Minor (1.1.1 > 1.2.0) |
2022-05-19 16:30:35 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change Version: Major (8.0.0 > 9.0.0)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Major (11.0.0 > 12.0.0)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Version: Major (11.0.0 > 12.0.0)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Version: Major, suffix remains equal (7.0.0-deprecated > 8.0.0-deprecated)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Major (47.0.0 > 48.2.0)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Version: Major (11.0.0 > 12.0.0)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Version: Major (9.0.0 > 10.0.0)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Major, suffix remains equal (5.0.0-preview > 6.0.0-preview)
remove Policy (1)
|
2022-05-12 16:30:30 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
change Version: Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
remove Policy (1)
|
2022-05-05 21:31:21 |
| SDN | f1535064-3294-48fa-94e2-6e83095a5c08 | Audit Public Network Access | Audit Azure resources that allow access from the public internet |
add Initiative
|
2022-04-28 17:39:07 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (709)
change Version: Major (7.0.0 > 8.0.0) |
2022-04-22 19:50:54 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Major (46.2.0 > 47.0.0)
remove Policy (1)
|
2022-04-22 19:50:54 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change Version: Minor (6.0.0 > 6.1.0) |
2022-04-22 19:50:54 |
| Regulatory Compliance | abf84fac-f817-a70c-14b5-47eec767458a | [Preview]: SWIFT CSP-CSCF v2021 | This initiative includes policies that address a subset of the SWIFT Customer Security Program's Customer Security Controls Framework v2021 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2021-init. |
add Initiative
|
2022-04-14 16:55:59 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Version: Patch (5.1.0 > 5.1.1) |
2022-04-07 17:18:35 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Version: Patch (10.1.0 > 10.1.1) |
2022-04-07 17:18:35 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Version: Patch, suffix remains equal (3.1.0-preview > 3.1.1-preview) |
2022-04-07 17:18:35 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Version: Patch, suffix remains equal (4.0.2-preview > 4.0.3-preview) |
2022-04-07 17:18:35 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Version: Patch (6.0.0 > 6.0.1) |
2022-04-07 17:18:35 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Version: Patch (5.1.0 > 5.1.1) |
2022-04-07 17:18:35 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
change Version: Major (45.2.0 > 46.2.0) |
2022-04-01 20:29:13 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Description
|
2022-04-01 20:29:13 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Description
|
2022-04-01 20:29:13 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Description
|
2022-04-01 20:29:13 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Description
|
2022-04-01 20:29:13 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Description
|
2022-04-01 20:29:13 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Description
|
2022-04-01 20:29:13 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (1)
change Version: Major (6.0.0 > 7.0.0)
remove Policy (1)
|
2022-03-18 17:53:48 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (1)
change Version: Major (10.0.0 > 11.0.0)
remove Policy (1)
|
2022-03-18 17:53:48 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (1)
change Version: Major (10.0.0 > 11.0.0)
remove Policy (1)
|
2022-03-18 17:53:48 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
change Version: Major (6.0.0 > 7.0.0)
remove Policy (1)
|
2022-03-18 17:53:48 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (1)
change Version: Major (8.0.0 > 9.0.0)
remove Policy (1)
|
2022-03-18 17:53:48 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
change Version: Major, suffix remains equal (4.1.0-preview > 5.0.0-preview)
remove Policy (1)
|
2022-03-18 17:53:48 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Version: Major (4.1.0 > 5.0.0) |
2022-03-18 17:53:48 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Version: Minor (45.0.0 > 45.2.0) |
2022-03-18 17:53:48 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Version: Major (10.0.0 > 11.0.0) |
2022-03-18 16:32:42 |
| Security Center | e20d08c5-6d64-656d-6465-ce9e37fd0ebc | [Preview]: Deploy Microsoft Defender for Endpoint agent | Deploy Microsoft Defender for Endpoint agent on applicable images. |
add Initiative
|
2022-02-24 18:28:50 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Version: Minor (2.1.1 > 2.2.0) |
2022-02-24 18:28:50 |
| Monitoring | 9575b8b7-78ab-4281-b53b-d3c1ace2260b | Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Windows virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
add Policy (2)
change Version: Major (1.0.1 > 2.0.0) |
2022-02-10 17:19:06 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
remove Policy (1)
|
2022-01-27 17:51:51 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
remove Policy (1)
|
2022-01-27 17:51:51 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
remove Policy (1)
|
2022-01-27 17:51:51 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
remove Policy (1)
|
2022-01-27 17:51:51 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Description
|
2022-01-26 17:48:30 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Description
|
2022-01-26 17:48:30 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Description
|
2022-01-26 17:48:30 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Description
|
2022-01-26 17:48:30 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2022-01-20 18:36:46 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
add Policy (3)
remove Policy (6)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (3)
remove Policy (5)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Policy (2)
remove Policy (4)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
add Policy (2)
remove Policy (4)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (1)
remove Policy (3)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (1)
remove Policy (3)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (1)
remove Policy (3)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (1)
remove Policy (3)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Policy (1)
remove Policy (2)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (1)
remove Policy (2)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (1)
remove Policy (2)
|
2022-01-13 19:18:29 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
remove Policy (2)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (1)
remove Policy (1)
|
2022-01-13 19:18:29 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Description
|
2022-01-11 17:18:18 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (188)
remove Policy (3)
|
2021-12-08 16:24:23 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (4)
remove Policy (5)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (2)
remove Policy (3)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Policy (2)
remove Policy (3)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Policy (2)
remove Policy (3)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (2)
remove Policy (3)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (2)
remove Policy (3)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Policy (2)
remove Policy (2)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
add Policy (2)
remove Policy (2)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (2)
remove Policy (2)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (2)
remove Policy (2)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (2)
remove Policy (2)
|
2021-12-08 16:24:23 |
| Regulatory Compliance | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | RMIT Malaysia | This initiative includes policies that address a subset of RMIT requirements. Additional policies will be added in upcoming releases. For more information, visit aka.ms/rmit-initiative. |
add Initiative
|
2021-12-08 16:24:23 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Description
|
2021-12-02 17:19:01 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change Description
change DisplayName
|
2021-11-22 17:13:50 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (3)
remove Policy (1)
|
2021-11-15 17:00:50 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
change DisplayName
remove Policy (1)
|
2021-11-15 17:00:50 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
remove Policy (1)
|
2021-11-15 17:00:50 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
change DisplayName
|
2021-11-15 17:00:50 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
remove Policy (1)
|
2021-11-15 17:00:50 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
change DisplayName
|
2021-11-15 17:00:50 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
remove Policy (1)
|
2021-11-15 17:00:50 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
remove Policy (1)
|
2021-11-15 17:00:50 |
| Trusted Launch | 281d9e47-d14d-4f05-b8eb-18f2c4a034ff | [Preview]: Configure prerequisites to enable Guest Attestation on Trusted Launch enabled VMs | Configure the Trusted Launch enabled virtual machines to automatically install the Guest Attestation extension and enable system-assigned managed identity to allow Azure Security Center to proactively attest and monitor the boot integrity. Boot integrity is attested via Remote Attestation. For more details, please refer to the following link - https://aka.ms/trustedlaunch |
add Policy (2)
|
2021-10-29 15:48:14 |
| Monitoring | 118f04da-0375-44d1-84e3-0fd9e1849403 | Configure Linux machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Linux virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
add Policy (2)
|
2021-10-21 16:53:32 |
| Monitoring | 9575b8b7-78ab-4281-b53b-d3c1ace2260b | Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Windows virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Description
change DisplayName
|
2021-10-19 15:43:56 |
| Monitoring | 118f04da-0375-44d1-84e3-0fd9e1849403 | Configure Linux machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Linux virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
change Description
change DisplayName
|
2021-10-19 15:43:56 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2021-10-14 16:31:34 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
remove Policy (2)
|
2021-09-30 16:01:51 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
remove Policy (2)
|
2021-09-30 16:01:51 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
remove Policy (2)
|
2021-09-30 16:01:51 |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Deprecated]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. |
add Policy (1)
|
2021-09-30 16:01:51 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2021-09-30 16:01:51 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2021-09-23 15:53:12 |
| Trusted Launch | 281d9e47-d14d-4f05-b8eb-18f2c4a034ff | [Preview]: Configure prerequisites to enable Guest Attestation on Trusted Launch enabled VMs | Configure the Trusted Launch enabled virtual machines to automatically install the Guest Attestation extension and enable system-assigned managed identity to allow Azure Security Center to proactively attest and monitor the boot integrity. Boot integrity is attested via Remote Attestation. For more details, please refer to the following link - https://aka.ms/trustedlaunch |
add Initiative
|
2021-09-10 15:51:18 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (2)
|
2021-09-03 15:41:53 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2021-08-27 15:09:16 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
remove Policy (3)
|
2021-08-12 19:47:01 |
| Security Center | 9cb3cc7a-b39b-4b82-bc89-e5a5d9ff7b97 | Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances | Enable Azure Defender on your SQL Servers and SQL Managed Instances to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. |
add Policy (1)
change DisplayName
|
2021-08-12 19:47:01 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change DisplayName
|
2021-08-12 19:47:01 |
| Security Center | 9cb3cc7a-b39b-4b82-bc89-e5a5d9ff7b97 | Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances | Enable Azure Defender on your SQL Servers and SQL Managed Instances to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. |
change Description
change DisplayName
|
2021-08-11 15:29:42 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Description
|
2021-08-11 15:29:42 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Policy (87)
remove Policy (12)
|
2021-07-16 14:58:38 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Description
|
2021-07-16 14:58:38 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Description
|
2021-07-16 14:58:38 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Description
|
2021-07-14 14:58:38 |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Deprecated]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. |
change DisplayName
|
2021-07-14 14:58:38 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (207)
remove Policy (6)
|
2021-07-08 14:19:52 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (206)
remove Policy (6)
|
2021-07-08 14:19:52 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (199)
remove Policy (8)
|
2021-07-08 14:19:52 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change DisplayName
|
2021-07-08 14:19:52 |
| Regulatory Compliance | 179d1daa-458f-4e47-8086-2a68d0d6c38f | NIST SP 800-53 Rev. 5 | National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative |
add Initiative
|
2021-07-08 14:19:52 |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Deprecated]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. |
add Policy (1)
|
2021-06-22 14:29:04 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
remove Policy (1)
|
2021-06-22 14:29:04 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
remove Policy (1)
|
2021-06-22 14:29:04 |
| Monitoring | 39a366e6-fdde-4f41-bbf8-3757f46d1611 | [Preview]: Configure Azure Defender for SQL agents on virtual machines | Configure virtual machines to automatically install the Azure Defender for SQL agents where the Azure Monitor Agent is installed. Security Center collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and Log Analytics workspace in the same region as the machine. This policy only applies to VMs in a few regions. |
add Initiative
|
2021-06-02 22:44:53 |
| Monitoring | 118f04da-0375-44d1-84e3-0fd9e1849403 | Configure Linux machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Linux virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
add Initiative
|
2021-05-26 13:43:18 |
| Monitoring | 9575b8b7-78ab-4281-b53b-d3c1ace2260b | Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule | Monitor and secure your Windows virtual machines, virtual machine scale sets, and Arc machines by deploying the Azure Monitor Agent extension and associating the machines with a specified Data Collection Rule. Deployment will occur on machines with supported OS images (or machines matching the provided list of images) in supported regions. |
add Initiative
|
2021-05-26 13:43:18 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (9)
|
2021-05-18 14:34:49 |
| Guest Configuration | d618d658-b2d0-410e-9e2e-bfbfd04d09fa | [Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings | This initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure compute security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change Description
change DisplayName
|
2021-05-13 14:39:12 |
| Guest Configuration | be7a78aa-3e10-4153-a5fd-8c6506dbc821 | [Preview]: Windows machines should meet requirements for the Azure compute security baseline | This initiative audits Windows machines with settings that do not meet the Azure compute security baseline. For details, please visit https://aka.ms/gcpol |
change Description
change DisplayName
|
2021-05-13 14:39:12 |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. |
change DisplayName
|
2021-05-11 14:06:20 |
| Security Center | e77fc0b3-f7e9-4c58-bc13-cb753ed8e46e | Configure Advanced Threat Protection to be enabled on open-source relational databases | Enable Advanced Threat Protection on your non-Basic tier open-source relational databases to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. See https://aka.ms/AzDforOpenSourceDBsDocu. |
add Initiative
|
2021-05-11 14:06:20 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
remove Policy (2)
|
2021-05-04 14:34:05 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
remove Policy (2)
|
2021-04-21 13:28:48 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
remove Policy (2)
|
2021-04-21 13:28:48 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
remove Policy (1)
|
2021-04-21 13:28:48 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (4)
|
2021-04-13 13:29:23 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
change DisplayName
|
2021-04-07 13:27:17 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change DisplayName
|
2021-04-07 13:27:17 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (8)
remove Policy (1)
|
2021-03-31 14:35:06 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2021-03-24 14:32:49 |
| Network | 62329546-775b-4a3d-a4cb-eb4bb990d2c0 | Flow logs should be configured and enabled for every network security group | Audit for network security groups to verify if flow logs are configured and if flow log status is enabled. Enabling flow logs allows to log information about IP traffic flowing through network security group. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more. |
add Initiative
|
2021-03-10 14:52:45 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
change DisplayName
|
2021-03-10 14:52:45 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
remove Policy (2)
|
2021-03-02 20:05:39 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (13)
|
2021-02-23 16:24:42 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (2)
|
2021-02-17 14:28:42 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (2)
|
2021-02-17 14:28:42 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
remove Policy (2)
|
2021-02-17 14:28:42 |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | CIS Microsoft Azure Foundations Benchmark v1.3.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative |
add Initiative
|
2021-02-17 14:28:42 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change Description
change DisplayName
|
2021-02-09 14:46:37 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Description
|
2021-02-09 14:46:37 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Description
|
2021-02-09 14:46:37 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change Description
|
2021-02-09 14:46:37 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
remove Policy (2)
|
2021-02-03 15:09:01 |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Deprecated]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. |
add Initiative
|
2021-02-03 15:09:01 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change DisplayName
remove Policy (2)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (1)
remove Policy (2)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (1)
remove Policy (2)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
change DisplayName
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
remove Policy (2)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
add Policy (1)
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
remove Policy (1)
|
2021-01-22 09:14:56 |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. |
add Initiative
|
2021-01-22 09:14:56 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
remove Policy (1)
|
2021-01-22 09:14:56 |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Deprecated]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines | This policy initiative is deprecated as part of Microsoft Defender for Cloud updated strategy. As part of this strategy, Azure Monitor agent is no longer required to receive Defender for Servers security features, but is required for Defender for SQL Server on machines. For more information visit: https://aka.ms/MdcAgentStrategy. Configure machines to automatically install the Azure Monitor and Azure Security agents. |
add Initiative
|
2021-01-22 09:14:56 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Description
|
2021-01-20 16:06:15 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (4)
|
2021-01-14 16:08:03 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Description
change DisplayName
|
2021-01-13 16:08:35 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (34)
|
2021-01-05 16:06:49 |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center |
add Initiative
|
2021-01-05 16:06:49 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (4)
remove Policy (1)
|
2020-12-11 15:42:52 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (17)
|
2020-10-27 14:12:47 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2020-10-13 13:23:38 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Description
|
2020-10-13 13:23:38 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change Description
|
2020-10-13 13:23:38 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (5)
remove Policy (1)
|
2020-09-15 14:06:41 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
remove Policy (1)
|
2020-09-15 14:06:41 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change DisplayName
|
2020-09-15 14:06:41 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
change DisplayName
|
2020-09-15 14:06:41 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
add Policy (17)
remove Policy (26)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
add Policy (16)
remove Policy (24)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
add Policy (16)
remove Policy (24)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (16)
remove Policy (24)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
add Policy (16)
remove Policy (24)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Policy (16)
remove Policy (24)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
add Policy (15)
remove Policy (22)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Policy (14)
remove Policy (20)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
add Policy (13)
remove Policy (19)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
add Policy (13)
remove Policy (18)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (9)
remove Policy (16)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
add Policy (6)
remove Policy (10)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
add Policy (5)
remove Policy (8)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (4)
remove Policy (8)
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
add Policy (6)
remove Policy (6)
|
2020-09-09 11:24:08 |
| Guest Configuration | 06c5e415-a662-463a-bb85-ede14286b979 | [Deprecated]: Audit Windows VMs on which the Log Analytics agent is not connected as expected | This initiative deploys the policy requirements and audits Windows virtual machines on which the Log Analytics agent is not connected to the specified workspaces. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | d7fff7ea-9d47-4952-b854-b7da261e48f2 | [Deprecated]: Audit Windows VMs that have the specified applications installed | This initiative deploys the policy requirements and audits Windows virtual machines that have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | b8b5b0a8-b809-4e5d-8082-382c686e35b7 | [Deprecated]: Audit Windows VMs that have not restarted within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that have not restarted within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | b6f5e05c-0aaa-4337-8dd4-357c399d12ae | [Deprecated]: Audit Windows VMs that contain certificates expiring within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that contain certificates expiring within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 3fa7cbf5-c0a4-4a59-85a5-cca4d996d5a6 | [Deprecated]: Audit VMs with insecure password security settings | This initiative deploys the policy requirements and audits virtual machines with insecure password security settings. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | c58599d5-0d51-454f-aaf1-da18a5e76edd | [Deprecated]: Audit Windows VMs on which the DSC configuration is not compliant | This initiative deploys the policy requirements and audits Windows VMs on which the Desired State Configuration (DSC) configuration is not compliant. This policy is only applicable to machines with WMF 4 and above. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 06122b01-688c-42a8-af2e-fa97dd39aa3b | [Deprecated]: Audit Windows VMs in which the Administrators group does not contain only the specified members | This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group does not contain only the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | acb6cd8e-45f5-466f-b3cb-ff6fce525f71 | [Deprecated]: Audit Windows Server VMs on which Windows Serial Console is not enabled | This initiative deploys the policy requirements and audits Windows Server virtual machines on which Windows Serial Console is not enabled. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 095e4ed9-c835-4ab6-9439-b5644362a06c | Audit machines with insecure password security settings | This initiative deploys the policy requirements and audits machines with insecure password security settings. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
add Initiative
|
2020-09-09 11:24:08 |
| Guest Configuration | f48bcc78-5400-4fb0-b913-5140a2e5fa20 | [Deprecated]: Audit Linux VMs that have the specified applications installed | This initiative deploys the policy requirements and audits Linux virtual machines that have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 6b3c1e80-8ae5-405b-b021-c23d13b3959f | [Deprecated]: Audit Windows VMs that are not joined to the specified domain | This initiative deploys the policy requirements and audits Windows virtual machines that are not joined to the specified domain. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 133046de-0bd7-4546-93f4-f452e9e258b7 | [Deprecated]: Audit Windows VMs in which the Administrators group does not contain all of the specified members | This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group does not contain all of the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 538942d3-3fae-4fb6-9d94-744f9a51e7da | [Deprecated]: Audit Windows VMs that are not set to the specified time zone | This initiative deploys the policy requirements and audits Windows virtual machines that are not set to the specified time zone. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | cdfcc6ff-945e-4bc6-857e-056cbc511e0c | [Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root | This initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\LocalMachine\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | add1999e-a61c-46d3-b8c3-f35fb8398175 | [Deprecated]: Audit Windows VMs in which the Administrators group contains any of the specified members | This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group contains any of the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 8eeec860-e2fa-4f89-a669-84942c57225f | [Deprecated]: Audit Windows VMs on which the specified services are not installed and 'Running' | This initiative deploys the policy requirements and audits Windows virtual machines on which the specified services are not installed and 'Running'. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 4ddaefff-7c78-4824-9b27-5c344f3cdf90 | [Deprecated]: Audit Windows VMs on which the remote host connection status does not match the specified one | This initiative deploys the policy requirements and audits Windows virtual machines on which the remote host connection status does not match the specified one. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | c96b2a9c-6fab-4ac2-ae21-502143491cd4 | [Deprecated]: Audit Windows VMs with a pending reboot | This initiative deploys the policy requirements and audits Windows virtual machines with a pending reboot. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | c937dcb4-4398-4b39-8d63-4a6be432252e | [Deprecated]: Audit Linux VMs that do not have the specified applications installed | This initiative deploys the policy requirements and audits Linux virtual machines that do not have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 25ef9b72-4af2-4501-acd1-fc814e73dde1 | [Deprecated]: Audit Windows VMs that do not have the specified applications installed | This initiative deploys the policy requirements and audits Windows virtual machines that do not have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Guest Configuration | 8bc55e6b-e9d5-4266-8dac-f688d151ec9c | [Deprecated]: Audit Windows web servers that are not using secure communication protocols | This initiative deploys the policy requirements and audits Windows web servers that are not using secure communication protocols (TLS 1.1 or TLS 1.2). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-09-09 11:24:08 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (3)
remove Policy (7)
|
2020-09-02 14:03:46 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
remove Policy (7)
|
2020-09-02 14:03:46 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
remove Policy (4)
|
2020-09-02 14:03:46 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
remove Policy (4)
|
2020-09-02 14:03:46 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
|
2020-08-28 14:17:28 |
| Guest Configuration | f000289c-47af-4043-87da-91ba9e1a2720 | [Deprecated]: Audit Windows VMs that do not have the specified Windows PowerShell execution policy | This initiative deploys the policy requirements and audits Windows virtual machines where Windows PowerShell is not configured to use the specified PowerShell execution policy. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-08-28 14:17:28 |
| Guest Configuration | c980fd64-c67f-49a6-a8a8-e57661150802 | [Deprecated]: Audit Windows VMs that do not have the specified Windows PowerShell modules installed | This initiative deploys the policy requirements and audits Windows virtual machines that do not have the specified Windows PowerShell modules installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-08-28 14:17:28 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (14)
remove Policy (22)
|
2020-08-21 13:50:30 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
add Policy (10)
remove Policy (14)
|
2020-08-21 13:50:30 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (7)
remove Policy (8)
|
2020-08-21 13:50:30 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
add Policy (4)
remove Policy (2)
|
2020-08-21 13:50:30 |
| Guest Configuration | d618d658-b2d0-410e-9e2e-bfbfd04d09fa | [Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings | This initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure compute security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-08-21 13:50:30 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
remove Policy (1)
|
2020-08-21 13:50:30 |
| Guest Configuration | be7a78aa-3e10-4153-a5fd-8c6506dbc821 | [Preview]: Windows machines should meet requirements for the Azure compute security baseline | This initiative audits Windows machines with settings that do not meet the Azure compute security baseline. For details, please visit https://aka.ms/gcpol |
add Initiative
|
2020-08-21 13:50:30 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (8)
remove Policy (1)
|
2020-08-20 14:04:33 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (7)
|
2020-08-07 14:05:08 |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. |
add Initiative
|
2020-07-17 15:57:10 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
add Policy (1)
|
2020-07-14 15:28:17 |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
add Initiative
|
2020-07-08 14:28:36 |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. |
add Initiative
|
2020-07-08 14:28:36 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
remove Policy (6)
|
2020-07-01 14:50:07 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
remove Policy (6)
|
2020-07-01 14:50:07 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
remove Policy (6)
|
2020-07-01 14:50:07 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
remove Policy (3)
|
2020-07-01 14:50:07 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
remove Policy (2)
|
2020-07-01 14:50:07 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
remove Policy (1)
|
2020-07-01 14:50:07 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
remove Policy (1)
|
2020-07-01 14:50:07 |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. |
remove Initiative
|
2020-06-29 05:46:42 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
add Policy (79)
|
2020-06-23 16:03:23 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (8)
remove Policy (6)
|
2020-06-23 16:03:23 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
remove Policy (1)
|
2020-06-23 16:03:23 |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. |
add Initiative
|
2020-06-23 16:03:23 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
remove Policy (1)
|
2020-06-23 16:03:23 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
remove Policy (1)
|
2020-06-23 16:03:23 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Description
|
2020-06-22 16:06:26 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | Health Information Trust Alliance (HITRUST) helps organizations from all sectors-but especially healthcare-effectively manage data, information risk, and compliance. HITRUST certification means that the organization has undergone a thorough assessment of the information security program. These policies address a subset of HITRUST controls. For more information, visit https://docs.microsoft.com/azure/governance/policy/samples/hipaa-hitrust-9-2 |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift2020-init. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
change Description
change DisplayName
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Description
|
2020-06-16 14:55:25 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (9)
remove Policy (2)
|
2020-06-11 19:46:04 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (1)
remove Policy (3)
|
2020-06-11 19:46:04 |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | NIST SP 800-171 Rev. 2 | The US National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidelines to help protect the information and information systems of federal agencies. In response to Executive Order 13556 on managing controlled unclassified information (CUI), it published NIST SP 800-171. These policies address a subset of NIST SP 800-171 Rev. 2 controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-nist-800-171 |
add Initiative
|
2020-06-11 19:46:04 |
| Guest Configuration | d618d658-b2d0-410e-9e2e-bfbfd04d09fa | [Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings | This initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure compute security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change DisplayName
|
2020-06-11 19:46:04 |
| Guest Configuration | b8b5b0a8-b809-4e5d-8082-382c686e35b7 | [Deprecated]: Audit Windows VMs that have not restarted within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that have not restarted within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Guest Configuration | 3fa7cbf5-c0a4-4a59-85a5-cca4d996d5a6 | [Deprecated]: Audit VMs with insecure password security settings | This initiative deploys the policy requirements and audits virtual machines with insecure password security settings. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Guest Configuration | cdfcc6ff-945e-4bc6-857e-056cbc511e0c | [Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root | This initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\LocalMachine\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
change DisplayName
|
2020-06-11 19:46:04 |
| Guest Configuration | 4ddaefff-7c78-4824-9b27-5c344f3cdf90 | [Deprecated]: Audit Windows VMs on which the remote host connection status does not match the specified one | This initiative deploys the policy requirements and audits Windows virtual machines on which the remote host connection status does not match the specified one. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Guest Configuration | 06c5e415-a662-463a-bb85-ede14286b979 | [Deprecated]: Audit Windows VMs on which the Log Analytics agent is not connected as expected | This initiative deploys the policy requirements and audits Windows virtual machines on which the Log Analytics agent is not connected to the specified workspaces. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Guest Configuration | b6f5e05c-0aaa-4337-8dd4-357c399d12ae | [Deprecated]: Audit Windows VMs that contain certificates expiring within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that contain certificates expiring within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Guest Configuration | c58599d5-0d51-454f-aaf1-da18a5e76edd | [Deprecated]: Audit Windows VMs on which the DSC configuration is not compliant | This initiative deploys the policy requirements and audits Windows VMs on which the Desired State Configuration (DSC) configuration is not compliant. This policy is only applicable to machines with WMF 4 and above. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-06-11 19:46:04 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Description
change DisplayName
|
2020-06-01 18:36:21 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
add Policy (4)
change DisplayName
|
2020-05-29 15:39:26 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (4)
|
2020-05-29 15:39:26 |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Legacy - Enable Azure Monitor for VMs | Legacy - Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) |
add Policy (2)
|
2020-05-29 15:39:26 |
| Cosmos DB | cb5e1e90-7c33-491c-a15b-24885c915752 | Enable Azure Cosmos DB throughput policy | Enable throughput control for Azure Cosmos DB resources in the specified scope (Management group, Subscription or resource group). Takes max throughput as parameter. Use this policy to help enforce throughput control via the resource provider. |
add Initiative
|
2020-05-29 15:39:26 |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Legacy - Enable Azure Monitor for VMs | Legacy - Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) |
add Policy (1)
|
2020-05-21 16:06:36 |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Legacy - Enable Azure Monitor for VMs | Legacy - Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) |
add Policy (1)
|
2020-05-14 05:31:20 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
change Description
|
2020-04-23 15:06:19 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (16)
|
2020-04-22 04:43:14 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (3)
|
2020-04-22 04:43:14 |
| Guest Configuration | 9d2fd8e6-95c8-410d-add0-43ada4241574 | [Deprecated]: Audit Windows VMs on which Windows Defender Exploit Guard is not enabled | This initiative deploys the policy requirements and audits Windows virtual machines on which Windows Defender Exploit Guard is not enabled. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol |
change DisplayName
|
2020-04-22 04:43:14 |
| Monitoring | 75714362-cae7-409e-9b99-a8e5075b7fad | Legacy - Enable Azure Monitor for Virtual Machine Scale Sets | Legacy - Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA). Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances. |
change DisplayName
|
2020-04-22 04:43:14 |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes policies that address a subset of Australian Government Information Security Manual (ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/auism-initiative. |
add Initiative
|
2020-04-22 04:43:14 |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Legacy - Enable Azure Monitor for VMs | Legacy - Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) |
change DisplayName
|
2020-04-22 04:43:14 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
change Description
change DisplayName
|
2020-03-16 18:14:00 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
change DisplayName
|
2020-03-10 16:29:48 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
add Policy (30)
remove Policy (2)
|
2020-03-03 10:09:24 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Policy (13)
remove Policy (2)
|
2020-03-03 10:09:24 |
| Monitoring | 75714362-cae7-409e-9b99-a8e5075b7fad | Legacy - Enable Azure Monitor for Virtual Machine Scale Sets | Legacy - Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Use the new initiative named: Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA). Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances. |
change Description
change DisplayName
|
2020-02-29 21:43:11 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
remove Policy (2)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | The International Organization for Standardization (ISO) 27001 standard provides requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). These policies address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (Moderate) controls. Additional policies will be added in upcoming releases. For more information, visit https://www.fedramp.gov/documents-templates/ |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-init. |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-init. |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
remove Policy (1)
|
2020-02-20 08:25:18 |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DoD Impact Level 4 | This initiative includes policies that address a subset of DoD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-initiative. |
add Initiative
|
2020-02-05 07:51:53 |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. |
add Initiative
|
2020-02-05 07:51:53 |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-init. |
add Initiative
|
2020-01-09 16:38:57 |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-init and https://aka.ms/uknhs-init. |
add Policy (24)
|
2019-12-04 08:49:52 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
remove Policy (1)
|
2019-12-04 08:49:52 |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based products and services. FedRAMP defines a set of controls for Low, Moderate, or High security impact level systems based on NIST baseline controls. These policies address a subset of FedRAMP (High) controls. For more information, visit https://docs.microsoft.com/azure/compliance/offerings/offering-fedramp |
add Initiative
|
2019-12-04 08:49:52 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (2)
|
2019-11-27 16:13:13 |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 Rev. 4 | National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative |
add Policy (728)
|
2019-11-21 16:22:58 |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative |
add Policy (29)
|
2019-11-20 21:24:34 |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Microsoft cloud security benchmark | The Microsoft cloud security benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft cloud security benchmark, see https://aka.ms/azsecbm. This also serves as the Microsoft Defender for Cloud default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Microsoft Defender for Cloud. |
add Policy (9)
|
2019-10-29 23:53:40 |