Aqua CSPM
AZURESecurity Center

Application Whitelisting Enabled

Quick Info

Plugin TitleApplication Whitelisting Enabled
CloudAZURE
CategorySecurity Center
DescriptionEnsures that Security Center Monitor Adaptive Application Whitelisting is enabled
More InfoAdaptive application controls work in conjunction with machine learning to analyze processes running in a VM and help control which applications can run, hardening the VM against malware.
AZURE Linkhttps://docs.microsoft.com/en-us/azure/security-center/security-center-adaptiveapplication
Recommended ActionEnable Adaptive Application Controls for Virtual Machines from the Azure Security Center by ensuring AuditIfNotExists setting is used.

Detailed Remediation Steps

  1. Log into the Microsoft Azure Management Console.
  2. Select the “Search resources, services, and docs” option at the top and search for Security Center.
  3. Scroll down the “Security Center” navigation panel and select the “Security policy” option under “POLICY & COMPLIANCE."
  4. On the “Policy Management” page under “Name” column select the “Subscription Name” that needs to be verified.
  5. On the “Security Policy” page scroll down the “Compute And Apps” section and check the “Adaptive Application Controls should be enabled on virtual machines”. If it’s set to “Disabled” then “Adaptive Application Whitelisting” is not enabled on the selected “Subscription."
  6. Repeat steps number 2 - 5 to check other “Subscriptions” under the “Security Center.“
  7. Navigate to the “Security Center”, select the “Security policy” and under “Policy Management” select the “Subscription” that needs to enable the “Adaptive Application Whitelisting."
  8. Select the “Subscription” link under the “Security policy” at the top to get into the configuration settings.
  9. Scroll down the page and under “Parameter” choose the “Adaptive Application Controls should be enabled on virtual machines” and select the “AuditIfNotExists” option from the dropdown menu and click on the “Save” button at the bottom to make the necessary changes.
  10. Repeat steps number 7 - 9 to ensures “Disk Encryption monitoring” is enabled in Security Center.

Cloud Security Posture Management (CSPM)

Scan, monitor and remediate configuration issues in public cloud accounts according to best practices and compliance standards, across AWS, Azure, Google Cloud, and Oracle Cloud.
Sign up for free
Cloud native security as-a-service
Aqua Wave
Get Started
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2021 Aqua Security Software Ltd.   Privacy Policy | Terms of Use