Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-AZURE-2024-0114 | Ensure That Microsoft Defender for App Services Is Set To ‘On’ (Automated) | Medium | Microsoft Defender | Security Configurations |
| CSPM-AZURE-2024-0116 | Ensure That Microsoft Defender for SQL Servers on Machines Is Set To ‘On’ (Automated) | High | Microsoft Defender | Pricings |
| CSPM-AZURE-2024-0121 | Ensure That Microsoft Defender for Key Vault Is Set To ‘On’ (Automated) | High | Microsoft Defender | Security Configurations |
| CSPM-AZURE-2024-0123 | Ensure That Microsoft Defender for Resource Manager Is Set To ‘On’ (Automated) | High | Microsoft Defender | Security Configurations |
| CSPM-AZURE-2024-0207 | Guest accounts with owner permissions on Azure resources should be removed | High | Microsoft Entra | Users |
| CSPM-AZURE-2024-0208 | Guest accounts with read permissions on Azure resources should be removed | Medium | Microsoft Entra | Users |
| CSPM-AZURE-2024-0209 | Guest accounts with write permissions on Azure resources should be removed | High | Microsoft Entra | Users |
| CSPM-AZURE-2024-0231 | Azure Defender for Azure SQL Database servers should be enabled | High | Microsoft Defender | Security Configurations |
| CSPM-AZURE-2024-0326 | Provide the logout capability | Medium | Microsoft Entra ID | Application |
