Ensure that endpoint protection monitoring is enabled within Microsoft Defender for Cloud settings in order to identify and remove viruses, spyware, and other malicious software from your Azure virtual machines (VMs). Microsoft Defender for Cloud monitors security configurations using a large set of recommendations for auditing, detecting threats, hardening operating systems, configuring firewalls, setting password policies, and more.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
When the Endpoint Protection Monitoring feature is enabled, Microsoft Defender for Cloud recommends endpoint protection for all Windows virtual machines to help identify and remove viruses, spyware, and other malicious software.
Audit
To determine whether endpoint protection monitoring is enabled within the Microsoft Defender for Cloud security policy, perform the following actions:
Remediation / Resolution
To enable endpoint protection monitoring and recommendations for Azure virtual machines using the Microsoft Defender for Cloud security policy, perform the following actions: