Security Center default policy setting ‘Monitor Endpoint Protection’ should be enabled

Description

When this setting is enabled, it recommends endpoint protection be provisioned for all Windows virtual machines to help identify and remove viruses, spyware, and other malicious software.

Portal Remediation Steps

  • Navigate to Azure Policy.

  • Select the subscription and click Edit assignment.

  • Select Parameters.

  • In Monitor missing Endpoint Protection in Azure Security Center, select AuditIfNotExists.

  • Click Review + save > save.

CLI Remediation Steps

  • Remediation is not possible via the CLI.