As you may already know, Azure comes with a set of policies to help you meet compliance and security standards (ISO 27001, SOC, PCI DSS…) and requirements.
As you should have been already using it (and if not this is a good day to start ), you have to be aware that the Azure CIS policy has been updated to version 1.1.0 to provide dynamic update to the policy rule and you are required to update your Azure Security policy configuration to include it.
You can download the new/updated Azure CIS policy benchmark from https://www.cisecurity.org/benchmark/azure/ to register and get a link to the benchmark (bottom of the page – the picture below has the link to the benchmark but you will need to be registered first, if not yet already)
The previous version of the Azure CIS was relying on static set of rules; the new version the Azure Security policy will be updated over the time dynamically,
To update your Azure Security policy to include the new Azure CIS 1.1.0 with the dynamic update, logon to your Azure portal (https://portal.azure.com/) and go to the Azure Security Center configuration blade
Then go to the Security Policy blade and select the management group (recommended) or the subscription you want to update with the new Azure CIS policy
Finally click the Add more standards button available in the Industry & regulatory standards section to add the new Azure CIS
When deploying the new policy, review the different settings to match your own requirements and deploy