Vulnerabilities
Misconfiguration
Runtime Security
Compliance
Azure > Defender >

Monitor Endpoint Protection

MEDIUM
Source
CloudSploit
ID
monitor-endpoint-protection
management console

Monitor Endpoint Protection

Ensures Endpoint Protection monitoring is enabled in Microsoft Defender.

When this setting is enabled, Microsoft Defender for Cloud audits the Endpoint Protection setting for all virtual machines for malware protection.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Select the “Search resources, services, and docs” option at the top and search for “Microsoft Defender for Cloud”. Step

  3. Scroll down the left navigation panel and select “Environment Settings” under “Management”.Step

  4. On the “Microsoft Defender for Cloud | Environment settings” page, under the “Name” column, select the “Subscription Name” that needs to be verified by clicking on its Name. Step

  5. On the “Settings” page, Defender Plans. Select the “Settings & Monitoring” Tab on the top. Step

  6. On the “Settings | Defender plans” page, Navigate to the “Guest Configuration agent” plan. Step

  7. Enable the “Guest Configuration agent” by toggling its Status to “On”.

  8. On the “Settings & Monitoring” Page, click on the “Continue” Button at the top.

  9. On the “Settings | Defender plans” Page, click on the “Save” Button at the top.

  10. Repeat steps 3 - 9 to ensure “Endpoint Protection Monitoring” is configured from Microsoft Defender for Cloud.

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use