This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 60%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Hi, we are trying to comply with NIST standard. Microfost Defender for Cloud offers NIST checklist. While I working through the list, I am quite confused.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
To trigger evaluation of Azure Policy (which how this checklist is implemented), refer to https://learn.microsoft.com/en-us/azure/governance/policy/how-to/get-compliance-data
Regarding the results, this appears to apply to Defender for Servers - refer to https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers-select-plan
hth
Marcin
I have an error "Storage accounts should use private link" in the checklist, but I have disabled all public network access in my storage account (I don't really use this storage account, it was created automatically by my web app service for monitoring purpose?).
Does it mean I HAVE to create a private endpoint connection for this storage to be compliant?
Another error I couldn't figure out the solution: App Service apps should have resource logs enabled
I enabled the application log in my web app:
Follow the instructions if you want to fully comply with the standard.
hth
Marcin