Merge pull request #281192 from MayaGreenbergShalit/docs-editor/recommendations-reference-data-1721305691

prmerger-automator[bot] · web-flow · commit b5e259a9d497 · 2024-07-18T13:17:57.000Z
Update recommendations-reference-data.md
diff --git a/articles/defender-for-cloud/recommendations-reference-data.md b/articles/defender-for-cloud/recommendations-reference-data.md
@@ -298,21 +298,6 @@ Secure your storage account with greater flexibility using customer-managed keys
 
 **Severity**: Low
 
-### [Cognitive Services accounts should have local authentication methods disabled](recommendations-reference-data.md)
-
-
-**Description**: Disabling local authentication methods improves security by ensuring that Cognitive Services accounts require Azure Active Directory identities exclusively for authentication. Learn more at: https://aka.ms/cs/auth. (Related policy: Cognitive Services accounts should have local authentication methods disabled).
-
-**Severity**: Low
-
-
-### [Cognitive Services accounts should restrict network access](https://portal.azure.com/#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/f738efb8-005f-680d-3d43-b3db762d6243)
-
-**Description**: Network access to Cognitive Services accounts should be restricted. Configure network rules so only applications from allowed networks can access the Cognitive Services account. To allow connections from specific internet or on-premises clients, access can be granted to traffic from specific Azure virtual networks or to public internet IP address ranges.
-(Related policy: [Cognitive Services accounts should restrict network access](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2fproviders%2fMicrosoft.Authorization%2fpolicyDefinitions%2f037eea7a-bd0a-46c5-9a66-03aea78705d3)).
-
-**Severity**: Medium
-
 ### [Cognitive Services accounts should use customer owned storage or enable data encryption](https://portal.azure.com/#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/aa395469-1687-78a7-bf76-f4614ef72977)
 
 **Description**: This policy audits any Cognitive Services account not using customer owned storage nor data encryption. For each Cognitive Services account with storage, use either customer owned storage or enable data encryption. Aligns with Microsoft Cloud Security Benchmark.
diff --git a/articles/defender-for-cloud/release-notes-recommendations-alerts.md b/articles/defender-for-cloud/release-notes-recommendations-alerts.md
@@ -133,8 +133,8 @@ New and updated recommendations and alerts are added to the table in date order.
 | January 25  | Alert (Azure network layer)    | Update to informational                                      | `Possible incoming SMTP brute force attempts detected (Generic_Incoming_BF_OneToOne)` |
 | January 25  | Alert (Azure network layer)    | Update to informational                                      | `Traffic detected from IP addresses recommended for blocking (Network_TrafficFromUnrecommendedIP)` |
 | January 25  | Alert (Azure Resource Manager) | Update to informational                                      | `Privileged custom role created for your subscription in a suspicious way (Preview)(ARM_PrivilegedRoleDefinitionCreation)` |
-| January 4   | Recommendation                 | Preview                                                      | [Cognitive Services accounts should have local authentication methods disabled](recommendations-reference-data.md#cognitive-services-accounts-should-have-local-authentication-methods-disabled)<br/> Microsoft Cloud Security Benchmark |
-| January 4   | Recommendation preview         | [Cognitive Services should use private link](recommendations-reference-data.md#cognitive-services-should-use-private-link)<br/> Microsoft Cloud Security Benchmark |                                                              |
+| January 4   | Recommendation                 | Preview                                                      | Cognitive Services accounts should have local authentication methods disabled<br/> Microsoft Cloud Security Benchmark |
+| January 4   | Recommendation preview         | Cognitive Services should use private link<br/> Microsoft Cloud Security Benchmark |                                                              |
 | January 4   | Recommendation                 | Preview                                                      | [Virtual machines and virtual machine scale sets should have encryption at host enabled](recommendations-reference-compute.md#virtual-machines-and-virtual-machine-scale-sets-should-have-encryption-at-host-enabled)<br/> Microsoft Cloud Security Benchmark |
 | January 4   | Recommendation                 | Preview                                                      | [Azure Cosmos DB should disable public network access](recommendations-reference-data.md#azure-cosmos-db-should-disable-public-network-access)<br/> Microsoft Cloud Security Benchmark |
 | January 4   | Recommendation                 | Preview                                                      | [Cosmos DB accounts should use private link](recommendations-reference-data.md#cosmos-db-accounts-should-use-private-link)<br/> Microsoft Cloud Security Benchmark |
