standard
turbot/azure_cis
Get Involved
Version
Pipeline: 3.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On'
Description
Using disk snapshots, the agentless scanner scans for installed software, vulnerabilities, and plain text secrets.
The Microsoft Defender for Cloud agentless machine scanner provides threat detection, vulnerability detection, and discovery of sensitive information.
Remediation
From Azure Portal
- From the Azure Portal
Homepage, selectMicrosoft Defender for Cloud. - Under
ManagementselectEnvironment Settings. - Select a subscription.
- Under
Settings>Defender Plans, clickSettings & monitoring. - Under the Component column, locate the row for
Agentless scanning for machines. - Select
On. - Click
Continuein the top left.
Repeat the above for any additional subscriptions.
Default Value
By default, Agentless scanning for machines is off.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run azure_cis.pipeline.cis_v300_3_1_3_4Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = azure_cis.pipeline.cis_v300_3_1_3_4 }Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| database | connection.steampipe | Yes | Database connection string. | connection.steampipe.default |
| notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
| notification_level | string | Yes | The verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'. | info |
| approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
Outputs
This pipeline has no outputs.
Tags
folder = CIS v3.0.0/3 Security/3.1 Microsoft Defender for Cloud/3.1.3 Defender Plan: Servers