Azure – Quickly find the status of Azure Security Center recommendations

As you may know, Azure Security Center (ASC) is your own stop shop for everything related to the security of your Azure infrastructure (including when running in hybrid with your on-premises servers onboarded onto Azure).

Microsoft is providing default built-in rules to help you secure your resources as per the latest recommendations.

Off course you can manage these built-in rules to enable or disable them but with time, more and more rules have been added to cover more recommendations and/or more resources.

You may find yourself wondering which ones are enabled and which ones are disabled (maybe because at the time they were not relevant to you).

Well, you can quickly get a status of these rules by using PowerShell (don’t forget you can use Cloud Shell or Azure Function since it supports PowerShell)

To get the status of the built-in rules, run the below command

(Get-AzPolicyAssignment | Where-Object {$_.name –eq “SecurityCenterBuiltIn”}).Properties.parameters

image

It then will return all built-in ASC rules and their corresponding state

image

After reviewing the result you can then decide to update your ASC rules.

Leave a Comment

Your email address will not be published.