| Ensure Autoprovisioning of the Log Analytics Agent Is Enabled for Azure VMs | KirkpatrickPrice

Ensure Autoprovisioning of the Log Analytics Agent Is Enabled for Azure VMs

Related Videos

Activate Azure Key Rotation Reminders.mov

Activate Microsoft Defender for Azure SQL Databases

Allow Azure Services Access to Storage Accounts

Antivirus Solutions on EC2 Instances

Autoprovisioning of Microsoft Defender for Containers Components.mov

Configure Activity Log Container Access to Private

Configure Shared Access Security Tokens to Expire within an Hour

Configure Storage Accounts to Use Customer Managed Keys

Consider an Exclusionary Geographic Access Policy

Create Activity Log Alert for Delete SQL Server Firewall

Create a Review Process for Apps

Create a Review Process of Guest Users

Create an Activity Log Alert for Create or Update Public IP Address

Create an Activity Log Alert for Delete Security Solution

Deploying Security Patches on EC2 Instances

Disable Caching of Second Factor of Authentication Beyond One Day

Disable Public Access Level for Storage Accounts with Blob Containers

Disallow Other Apps to Access Company Data

Do Not Allow Users to Remember MFA on Devices They Trust

Enable Autoprovisioning of Vulnerability Assessment for Machines

Enable Logging of Read, Write, and Delete Requests for Blob Service

Enable Logging of Read, Write, and Delete Requests for Table Service

Enable Microsoft Defender for App Services

Enable Microsoft Defender for DNS

Enable Microsoft Defender for IoT

Enable Microsoft Defender for Open Source Relationship Databases

Enable Microsoft Defender for SQL Server on Machines

Enable Microsoft Defender for Servers

Enable Multifactor Authentication for Administrators

Enable Multifactor Authentication for All Users

Enable Queue Storage Logging for Read Write Access

Enable Role Based Access Control (RBAC) for Azure Key Vault

Encrypt Infrastructure to Further Protect Your Environment

Encrypt Storage for Cricical Data with CMKs

Enforce Multifactor Authentication for All Users

Ensure Diagnostic Setting Captures Appropriate Categories

Ensure Guest Accounts Are Restricted

Ensure HTTP(S) Access from the Internet Is Reviewed and Restricted

Ensure Log Alert Exists for Create or Update Network Security Group

Ensure Logging for AppServiceHTTPLogs

Ensure Microsoft Defender Is Enabled for Storage Accounts

Ensure Microsoft Defender Is Enabled for the Azure Resource Manager

Ensure Microsoft Defender for Databases Is Enabled

Ensure Microsoft Defender for Key Vaults Is Enabled

Ensure Network Security Group Flow Logs Are Sent to Log Analytics

Ensure Notifications are Enabled for Password Resets

Ensure Only Administrators Can Create Groups

Ensure Only Authorized Users Can Create Security Groups

Ensure Secure Transfer

Ensure Soft Delete Is Enabled

Ensure That a Diagnostic Setting Is Enabled

Ensure Use of CMKs for Unattached Disks

Ensure an Activity Log Alert Exists for Delete Public IP Address

Ensure that Virtual Hard Disks Are Encrypted

Ensure that an Expiration Date Is Set for All Keys in Non-RBAC Key Vaults

Ensure that an Expiration Date Is Set for All Secrets in Non-RBAC Key Vaults

Ensure the Key Vault Is Recoverable

Ensure the Minimum TLS Version for Storage Accounts Is Set to 1.2

Evaluate Public IP Addresses Regularly

Evaluate and Restrict UDP Access from the Internet

Identifying and Ranking Vulnerabilities in AWS

Install Endpoint Protection for All Virtual Machines

Log and Retain All Relevant Activities

Monitor Your Environment with Network Watcher

Monitor for "Delete Network Security Groups" Through Log Alerts

Notify Admins of Other Admin Password Resets

Only Allow Administrators to Delete Locked Resources

Only Allow Approved Employees to Invite Guests

Only Allow Trusted Apps to Access Company Data

Only Install Company-Approved Extensions on Your Virtual Machines

PCI Requirement 11.1.2 – Unauthorized Wireless Access Points Detection

PCI Requirement 11.2 – Quarterly Internal & External Vulnerability Scans

PCI Requirement 11.2.1 – Perform Quarterly Internal Vulnerability Scans

PCI Requirement 11.2.2 – Perform Quarterly External Vulnerability Scans

PCI Requirement 11.2.3 – Perform Internal and External Scans and Rescans as Needed

PCI Requirement 11.4 – Use Intrusion-Detection and/or Intrusion-Prevention Techniques

PCI Requirement 11.5 – Deploy a Change-Detection Mechanisms to Alert Personnel

PCI Requirement 5.1 – Deploy Anti-Virus Software on all Commonly Affected Systems

PCI Requirement 5.1.1 – Ensure Anti-Virus Programs Detect, Remove and Protect Against Malware

PCI Requirement 5.1.2 – Perform Evaluations to Identify & Evaluate Evolving Malware Threats

PCI Requirement 5.2 – Ensure Anti-Virus Mechanisms are Current, Perform Scans, & Generate Audit Logs

PCI Requirement 5.3 – Ensure Anti-Virus Mechanisms are Active and Can’t be Altered

PCI Requirement 6.1 – Establish a Process to Identify Security Vulnerabilities

PCI Requirement 6.5.6 – All “High Risk” Vulnerabilities

PCI Requirement 6.6 – Address Threats & Vulnerabilities Regularly for Public-Facing Web Applications

PCI v4.0 - 11.1.1: Requirement 11 Polices and Procedures Are In Place

PCI v4.0 - 11.1.2: Requirement 11 Roles and Responsibilities Are In Place

PCI v4.0 - 11.2.1: Wireless Access Points Are Properly Managed

PCI v4.0 - 11.2.2: Maintain Inventory of All Authorized Wireless Access Points

PCI v4.0 - 11.3.1.1: Manage Non-High Risk and Non-Critical Vulnerabilities Appropriately

PCI v4.0 - 11.3.1.2: Use Authenticated Vulnerability Scanning Tools for Internal Scans

PCI v4.0 - 11.3.1.3: Perform Internal Scans After Significant Changes

PCI v4.0 - 11.3.1: Perform Internal Vulnerability Scans Frequently

PCI v4.0 - 11.3.2.1: Perform External Scans After Significant Changes

PCI v4.0 - 11.3.2: Perform External Vulnerability Scans Frequently

PCI v4.0 - 11.5.1.1: Detect Alert and Address Covert Malware Communication Channels

PCI v4.0 - 11.5.2: Deploy a Change-Detection Mechanism

PCI v4.0 - 11.6.1: Change-Detection or Tamper-Detection Mechanisms Are Deployed on Payment Pages

PCI v4.0 - 5.1.1: Have Requirement 5 Policies and Procedures In Place

PCI v4.0 - 5.1.2: Have Requirement 5 Roles and Responsibilities In Place

PCI v4.0 - 5.2.1: Deploy Anti-Malware Solutions on All System Components

PCI v4.0 - 5.2.2: Utilize Sufficient Anti-Malware Solutions

PCI v4.0 - 5.2.3.1: Define Frequency of Periodic Evaluations of Systems in the Targeted Risk Analysis

PCI v4.0 - 5.2.3: Periodically Review Systems Not Protected by Anti-Malware Solutions

PCI v4.0 - 5.3.1: Keep Anti-Malware Solutions Up to Date

PCI v4.0 - 5.3.2.1: Define Frequency of Anti-Malware Scans in Targeted Risk Analysis

PCI v4.0 - 5.3.2: Ensure Anti-Malware Solution Performs Scans or Continuous Behavior Analyses

PCI v4.0 - 5.3.3: Utilize Anti-Malware Solutions for Removable Media

PCI v4.0 - 5.3.4: Enable and Retain Audit Logs for Anti-Malware Solutions

PCI v4.0 - 5.3.5: Do Not Allow Anti-Malware Solutions to Be Altered or Disabled

PCI v4.0 - 5.4.1: Have Protections in Place to Prevent Phishing Attacks

PCI v4.0 - 6.1.1: Requirement 6 Policies and Procedures Are In Place

PCI v4.0 - 6.1.2: Requirement 6 Roles and Responsibilities Are In Place

PCI v4.0 - 6.2.1: Bespoke and Custom Software Are Developed Securely

PCI v4.0 - 6.2.2: Train Personnel Developing Custom Software in Secure Software Practices

PCI v4.0 - 6.2.3 & 6.2.3.1: Bespoke and Custom Software Is Reviewed Before Being Released

PCI v4.0 - 6.2.4: Utilize Software Engineering Techniques to Secure Bespoke and Custom Software

PCI v4.0 - 6.3.1: Identify Security Vulnerabilities in Software

PCI v4.0 - 6.3.2: Maintain a List of Bespoke and Custom and Third-Party Software

PCI v4.0 - 6.3.3: Remediate Known Vulnerabilities Through Security Patches

PCI v4.0 - 6.4.1: Protect Public-Facing Web Applications

PCI v4.0 - 6.4.2: Use an Automated Solution to Protect Public-Facing Web Applications

PCI v4.0 - 6.4.3: Payment Page Scripts Are Managed Properly

PCI v4.0 - 6.5.1: Have a Documented Change Process for All System Components

PCI v4.0 - 6.5.2: Ensure Applicable PCI DSS Requirements Are In Place After Significant Changes

PCI v4.0 - 6.5.3: Pre-Production and Production Environments Are Separated

PCI v4.0 - 6.5.4: Separate Duties Between Production and Pre-Production Environments

PCI v4.0 - 6.5.5: Live Primary Account Numbers Are Not Used In Pre-Production Environments

PCI v4.0 - 6.5.6: Ensure Test Data and Accounts Are Removed Before Going into Production

Periodically Regenerate Access Keys

Prevent Bad Passwords in Azure

Protect Against Malicious Attacks with Azure AD MFA

Protect Resources from Unauthorized Access

Reconfirm User Information Regularly

Require 2 Ways of Authentication for Resetting Passwords

Require Multifactor Authentication for Administrators

Restrict Access to Azure Active Directory (ADD)

Restrict Access to Azure Storage From All Networks

Restrict Access to Create Security Groups Only to Administrators

Restrict Access to the Administration Portal

Restrict User Authentication to Trusted Locations

Restrict Users from Adding Apps

Restrict and Review SSH Access from the Internet

Restrict and Secure Your Azure Environment

Review Internal and External Users Monthly

Review and Restrict RDP Access from the Internet

Risky Sign-Ins: What They Are and How to Prevent Them

Running Vulnerability Scans After a Significant Change

SOC 2 Academy: Performing Daily Log Reviews

Set Expiration Date for All Keys in RBAC Key Vaults

Set Expiration Date for All Secrets In RBAC Key Vaults

Shared Responsibility Matrix in PCI

Take Advantage of Automatic Key Rotation within Azure Key Vault

Testing for Unauthorized Wireless Access Points

The Value of Quarterly Internal Vulnerability Scans

Using Systems Manager from a Service-Linked Role

Using VPC Endpoints to Access Systems Manager

Utilize CMKs for OS and Data Disks

Utilize Flow Logs to Log Traffic in Your Environment

Utilize Log Alerts for Create or Update SQL Server Firewall

Utilize Log Alerts for Create or Update Security Solution

Utilize Logging for Azure Key Vault

Utilize Managed Disks for Virtual Machines

Utilize Microsoft Defender for Azure Cosmos DB

Utilize Private Endpoints for Azure Key Vault

Utilize Private Endpoints to Access Storage Accounts

Utilize the Principle of Least Privilege

Verify Log Alert Exists for Create Policy Assignment

Verify Log Alert Exists for Delete Policy Assignment

Verify Only Administrators Manage Group Membership Access

Verify that Microsoft Defender is Enabled for Containers