Cloud defender recommendations

Vishal 1,356 Reputation points
2022-11-04T16:44:24.173+00:00

Experts.

If we have added a VM to Cloud Defender recommendation for adaptive application control audit, please guide how to remove it from the auditing.

Thanks

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
600 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
819 questions
0 comments
Accepted answer
  1. Andrew Blumhardt 8,106 Reputation points Microsoft Employee
    2022-11-04T17:03:43.087+00:00

    All of your servers will be listed in Adaptive Application Control group recommendations. You can accept as-is or modify these groups. After you activate the group you will get app audit alerts. To remove the server just remove it from any active AAC groups.

    I don't think there is a way to turn off the groups recommendations in the AAC page.

    If you are seeing a recommendation to turn on AAC for a server you can set a recommendation exclusion if needed.

    This is of course an audit-only solution. Though it leverages AppLocker. You cannot use both, it takes over the AL policy,

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest