Defender - Machines should be configured securely

Ryan Pighin 66 Reputation points
2022-05-09T18:33:41.883+00:00

We are new to Azure and have a few VMs running. In our recommendation from Defender for cloud there are a lot of fixes we need to apply under "Machines should be configured securely (see below example). Wondering how sites deal with this? Are you aware of a policy that can be created to make these changes instead of doing it one by one? We are not using an Azure domain so we do not have the option of a GPO. Just looking for a more efficient way of tackling these current server and any future servers that are built.
Thx
Ryan

200385-image.png

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,614 questions
0 comments No comments
{count} votes

Accepted answer
  1. Givary-MSFT 30,931 Reputation points Microsoft Employee
    2022-05-10T10:33:37.07+00:00

    @Ryan Pighin

    Thank you for reaching out to us. As I understand you are looking to remediate the issues reported by defender for cloud for your Azure VM's.

    As you mentioned you don't have domain setup, you can leverage Desired state Configuration option to push these settings to the Azure Machines.

    Reference articles:

    https://learn.microsoft.com/en-us/powershell/dsc/getting-started/wingettingstarted?view=dsc-1.1
    https://learn.microsoft.com/en-us/azure/governance/policy/concepts/guest-configuration?view=dsc-1.1
    https://learn.microsoft.com/en-us/azure/governance/policy/samples/guest-configuration-baseline-windows
    https://learn.microsoft.com/en-us/azure/defender-for-cloud/apply-security-baseline#:~:text=Next%20steps-,How%20do%20I%20deploy%20the%20prerequisites%20for%20the%20security%20configuration%20recommendations%3F,-To%20deploy%20the
    https://learn.microsoft.com/en-us/azure/governance/policy/samples/built-in-packages

    Let me know if you have any further questions.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.


0 additional answers

Sort by: Most helpful