question

pulkitj-3565 avatar image
0 Votes"
pulkitj-3565 asked JamesTran-MSFT commented

Azure API to fetch all recommendations used in azure security benchmark

Currently there is no way to fetch all recommendations from Microsoft Defender for Cloud which are being used in Azure Security Benchmark or in any particular benchmark. I would want to know, if there is any workaround to fetch recommendations based on a particular benchmark or currently this functionality does not exist in Azure REST API.

azure-security-center
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JamesTran-MSFT avatar image
0 Votes"
JamesTran-MSFT answered JamesTran-MSFT commented

@pulkitj-3565
Thank you for your post and I apologize for the delayed response!

When it comes to an Azure API to get all the recommendations used within an Azure Security Benchmark or any other benchmark, you should be able to leverage the Regulatory Compliance Controls - List REST API.

 GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls?api-version=2019-01-01-preview

192881-image.png



If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.


Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.


image.png (147.9 KiB)
· 6
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@pulkitj-3565
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?

0 Votes 0 ·

This partly solves my problem. This API just lists down the controls under a particular benchmark but I need status of individual policies that are linked to each of these compliance controls.

0 Votes 0 ·

@pulkitj-356
Thank you for following up on this!

When it comes to the status of individual policies that're linked to each of the compliance controls, can you share a screenshot of what you're referring to so I can gain a better understanding of your issue?

If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.

0 Votes 0 ·
Show more comments