As you may already know, Azure comes with security center a feature providing unified and centralized security management for Azure called Azure Security Center (ASC).
Until now, Azure Security Center was providing only built-in security policies (either from Microsoft or to comply with regulatory standards).
Well, good news, you can now define your very own security policies (aka initiatives) on Azure Security Center.
To start implementing your own security policies on Azure Security Center logon to your Azure portal (https://portal.azure.com/) and reach out to your ASC
Then access the Security Policy blade and select either the management group (recommended) or the subscription you want to create your custom security initiative
Then reach out to the Your custom initiatives section to add your custom one
You will then have the list of your already created custom initiatives (which should be empty now as you are starting with your first one)
Click the Create new button to start creating the custom initiative
You will have to select the Definition location and then you will be able to select Policy Definitions
You can add the policy definition you want by clicking on his name and then use the Add button
If the policy definition requires any additional settings you will be able to set it up or fill it using a parameter
Once your custom policy is created you can then assign it by using the Add button to assign/deploy it
