|
2 | 2 | author: timwarner-msft |
3 | 3 | ms.service: azure-policy |
4 | 4 | ms.topic: include |
5 | | -ms.date: 08/16/2022 |
| 5 | +ms.date: 08/29/2022 |
6 | 6 | ms.author: timwarner |
7 | 7 | ms.custom: generated |
8 | 8 | --- |
9 | 9 |
|
10 | 10 | |Name |Description |Policies |Version | |
11 | 11 | |---|---|---|---| |
12 | | -|[\[Preview\]: \[Preview\]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/MDC_AzureMonitoring_UAI_DefaultWorkspace.json) |Configure machines to automatically install the Azure Monitor and Azure Security agents. Microsoft Defender for Cloud collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. Target machines must be in a supported location. |13 |1.0.1-preview | |
13 | | -|[\[Preview\]: \[Preview\]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/MDC_AzureMonitoring_UAI_UserWorkspace.json) |Configure machines to automatically install the Azure Monitor and Azure Security agents. Microsoft Defender for Cloud collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Creates a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. Target machines must be in a supported location. |13 |1.0.1-preview | |
14 | | -|[\[Preview\]: \[Preview\]: Deploy Microsoft Defender for Endpoint agent](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/ASC_MicrosoftDefenderForEndpointAgent.json) |Deploy Microsoft Defender for Endpoint agent on applicable images. |4 |1.0.0-preview | |
15 | | -|[Azure Security Benchmark](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/AzureSecurityCenter.json) |The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see [https://aka.ms/azsecbm](/security/benchmark/azure/overview). This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. |203 |52.0.0 | |
| 12 | +|[\[Preview\]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/MDC_AzureMonitoring_UAI_DefaultWorkspace.json) |Configure machines to automatically install the Azure Monitor and Azure Security agents. Microsoft Defender for Cloud collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. Target machines must be in a supported location. |13 |1.0.1-preview | |
| 13 | +|[\[Preview\]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/MDC_AzureMonitoring_UAI_UserWorkspace.json) |Configure machines to automatically install the Azure Monitor and Azure Security agents. Microsoft Defender for Cloud collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Creates a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. Target machines must be in a supported location. |13 |1.0.1-preview | |
| 14 | +|[\[Preview\]: Deploy Microsoft Defender for Endpoint agent](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/ASC_MicrosoftDefenderForEndpointAgent.json) |Deploy Microsoft Defender for Endpoint agent on applicable images. |4 |1.0.0-preview | |
| 15 | +|[Azure Security Benchmark](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/AzureSecurityCenter.json) |The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v3, see [https://aka.ms/azsecbm](/security/benchmark/azure/overview). This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. |203 |52.0.0 | |
16 | 16 | |[Configure Advanced Threat Protection to be enabled on open-source relational databases](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/ASC_AtpForOssDatabases.json) |Enable Advanced Threat Protection on your non-Basic tier open-source relational databases to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. See [https://aka.ms/AzDforOpenSourceDBsDocu](../../../../articles/defender-for-cloud/defender-for-databases-introduction.md). |3 |1.0.1 | |
17 | 17 | |[Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/ASC_AzureDefenderForSql.json) |Enable Azure Defender on your SQL Servers and SQL Managed Instances to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. |2 |2.0.1 | |
18 | 18 | |[Configure Microsoft Defender for Databases to be enabled](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Security%20Center/MDC_DefenderForDatabases.json) |Configure Microsoft Defender for Databases to protect your Azure SQL Databases, Managed Instances, Open-source relational databases and Cosmos DB. |4 |1.0.0 | |
0 commit comments