Edit

Share via

Remediate security baseline recommendations powered by MDVM

  • Article

Microsoft Defender for Cloud enhances the Center for Internet Security (CIS) benchmarks by providing security baselines that are powered by Microsoft Defender Vulnerability Management (MDVM). These security baselines help you secure your servers by providing recommendations that improve your security posture.

MDVM's security baselines features extensive coverage of benchmarks, which are continuously updated, along with comprehensive rule coverage. Each rule is accompanied with information that details the effect of the issue, a description of the problem, and detailed recommendation steps. These checks are integrated into the Microsoft Defender for Endpoint (MDE) agent, which allows Defender for Cloud to provide extra security checks within the same agent.

Prerequisites

Supported benchmark operating systems:

  • windows_server_2008_r2
  • windows_server_2016
  • windows_server_2019
  • windows_server_2022

Remediate security baseline recommendation

To ensure your servers are protected and secure, you should remediate all security baselines recommendation in Defender for Cloud.

  1. Sign in to the Azure portal.

  2. Navigate to Microsoft Defender for Cloud > Recommendations.

  3. Search for and select Machine should be configured securely (powered by MDVM).

  4. Select View recommendation for all resources.

    Screenshot that shows where the view recommendation for all resources is located in the recommendation.

  5. Select one of the affected unhealthy resources.

  6. Select a security check.

  7. Follow the remediation step.

    Screenshot that shows where the remediation steps are located.

  8. Repeat the process for all affected resources.

Next step

View and remediate findings from vulnerability assessment solutions on your VMs