You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/upcoming-changes.md
+24-8Lines changed: 24 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
title: Important changes coming to Microsoft Defender for Cloud
3
3
description: Upcoming changes to Microsoft Defender for Cloud that you might need to be aware of and for which you might need to plan
4
4
ms.topic: overview
5
-
ms.date: 02/19/2023
5
+
ms.date: 03/05/2023
6
6
---
7
7
8
8
# Important upcoming changes to Microsoft Defender for Cloud
@@ -22,15 +22,18 @@ If you're looking for the latest release notes, you'll find them in the [What's
22
22
|[Three alerts in Defender for Azure Resource Manager plan will be deprecated](#three-alerts-in-defender-for-azure-resource-manager-plan-will-be-deprecated)| March 2023 |
23
23
|[Alerts automatic export to Log Analytics workspace will be deprecated](#alerts-automatic-export-to-log-analytics-workspace-will-be-deprecated)| March 2023 |
24
24
|[Deprecation and improvement of selected alerts for Windows and Linux Servers](#deprecation-and-improvement-of-selected-alerts-for-windows-and-linux-servers)| April 2023 |
25
+
|[Deprecation of App Service language monitoring policies](#deprecation-of-app-service-language-monitoring-policies)| April 2023 |
25
26
|[Multiple changes to identity recommendations](#multiple-changes-to-identity-recommendations)| August 2023 |
26
27
27
28
### Changes in the recommendation "Machines should be configured securely"
28
29
29
30
**Estimated date for change: March 2023**
30
31
31
-
The recommendation "Machines should be configured securely" is going to be upgraded on March 20th to improve its performance and stability, and to align its experience with the generic behavior of MDC recommendations.
32
-
As part of this update, the recommendation's ID will be changed from "181ac480-f7c4-544b-9865-11b8ffe87f47" to "c476dc48-8110-4139-91af-c8d940896b98".
33
-
No action is required on the customer side, and there is no expected downtime nor impact on the secure score.
32
+
The recommendation `Machines should be configured securely` is set to be updated. This update will improve the performance and stability of the recommendation and align its experience with the generic behavior of Defender for Cloud's recommendations.
33
+
34
+
As part of this update, the recommendation's ID will be changed from `181ac480-f7c4-544b-9865-11b8ffe87f47` to `c476dc48-8110-4139-91af-c8d940896b98`.
35
+
36
+
No action is required on the customer side, and there's no expected downtime nor impact on the secure score.
34
37
35
38
36
39
### Three alerts in Defender for Azure Resource Manager plan will be deprecated
@@ -44,7 +47,7 @@ As we continue to improve the quality of our alerts, the following three alerts
44
47
45
48
You can learn more details about each of these alerts from the [alerts reference list](alerts-reference.md#alerts-resourcemanager).
46
49
47
-
In the scenario where an activity from a suspicious IP address is detected, one of the following Defender for Azure Resource Manager plan alerts `Azure Resource Manager operation from suspicious IP address` or `Azure Resource Manager operation from suspicious proxy IP address` will be present.
50
+
In the scenario where an activity from a suspicious IP address is detected, one of the following Defenders for Azure Resource Manager plan alerts `Azure Resource Manager operation from suspicious IP address` or `Azure Resource Manager operation from suspicious proxy IP address` will be present.
48
51
49
52
### Alerts automatic export to Log Analytics workspace will be deprecated
50
53
@@ -73,6 +76,22 @@ You can also view the [full list of alerts](alerts-reference.md#defender-for-ser
73
76
74
77
Read the [Microsoft Defender for Cloud blog](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/defender-for-servers-security-alerts-improvements/ba-p/3714175).
75
78
79
+
### Deprecation of App Service language monitoring policies
80
+
81
+
The following App Service language monitoring policies are set to be deprecated because they generate false negatives and they don't necessarily provide better security. Instead, you should always ensure you're using a language version without any known vulnerabilities.
82
+
83
+
| Policy name | Policy ID |
84
+
|--|--|
85
+
|[App Service apps that use Java should use the latest 'Java version'](https://ms.portal.azure.com/#view/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F496223c3-ad65-4ecd-878a-bae78737e9ed)| 496223c3-ad65-4ecd-878a-bae78737e9ed |
86
+
|[App Service apps that use Python should use the latest 'Python version'](https://ms.portal.azure.com/#view/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F7008174a-fd10-4ef0-817e-fc820a951d73)| 7008174a-fd10-4ef0-817e-fc820a951d73 |
87
+
|[Function apps that use Java should use the latest 'Java version'](https://ms.portal.azure.com/#view/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc)| 9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc |
88
+
|[Function apps that use Python should use the latest 'Python version'](https://ms.portal.azure.com/#view/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F7238174a-fd10-4ef0-817e-fc820a951d73)| 7238174a-fd10-4ef0-817e-fc820a951d73 |
89
+
|[App Service apps that use PHP should use the latest 'PHP version'](https://ms.portal.azure.com/#view/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F7261b898-8a84-4db8-9e04-18527132abb3)| 7261b898-8a84-4db8-9e04-18527132abb3 |
90
+
91
+
Customers can use alternative built-in policies to monitor any specified language version for their App Services.
92
+
93
+
Defender for Cloud won't include these recommendations as built-in recommendations. You can add them as custom recommendations to have Defender for Cloud monitor them.
94
+
76
95
### Multiple changes to identity recommendations
77
96
78
97
**Estimated date for change: August 2023**
@@ -100,9 +119,6 @@ The following security recommendations will be released as GA and replace the V1
100
119
101
120
The following security recommendations will be deprecated as part of this change:
102
121
103
-
The following security recommendations will be deprecated as part of this change:
104
-
105
-
106
122
| Recommendation | Assessment Key |
107
123
|--|--|
108
124
| MFA should be enabled on accounts with owner permissions on subscriptions | 94290b00-4d0c-d7b4-7cea-064a9554e681 |
0 commit comments