Security Center default policy setting ‘Monitor OS Vulnerabilities’ should be enabled

Description

When this setting is enabled, it analyzes operating system configurations daily to determine issues that could make the virtual machine vulnerable to attack.

Portal Remediation Steps

• Navigate to Azure Policy.

• Select the subscription and click Edit assignment.

• Select Parameters.

• In Vulnerability assessment should be enabled on virtual machines, select AuditIfNotExists.

• Click Review + save > save.

CLI Remediation Steps

• Remediation is not possible via the CLI.

Documentation Links

• Working with Security Policies

• Azure Security Policies Monitored by Security Center