In Azure Policy, assigning an Azure Security Benchmark initiative for version 2 is not working

Nuno Moncheira 1 Reputation point

After assigning the Azure Security Benchmark initiative to a brand new subscription, it seems that the compliance results are based on security controls v3 and not on v2 version.
When assigning the initiative, we can clearly see it mentions v2 version.


Still, when looking into the "Initiative Compliance" section, the results we have there all seem to be based on v3.

Example LT-1
V2: Enable threat detection for Azure resources
V3: Enable threat detection capabilities (This is what appears on Portal)

Even if I use Az CLI or PowerShell, the result is the same.

Is this a bug? Is it possible to change? For me it's really important, because I have lots of work done using version 2 of the security controls.


1 answer

  1. Stanislav Zhelyazkov 22,251 Reputation points MVP

    You are using v3, as v1 and v2 are deprecated and are not seen in the Azure Portal. The description does not mention that this is the v2 version. It mentions that recommendations from v2 are within this initiative. Nevertheless, all the built-in policies and initiatives are available in this repository. If you see any issues with the description, you can post an issue in that repository.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.