Security Center default policy setting ‘Monitor Vulnerability Assessment’ should be enabled

Description

Enable vulnerability assessment recommendations for virtual machines. When this setting is enabled, it recommends a vulnerability assessment solution be installed on the VM.

Portal Remediation Steps

• Navigate to Azure Policy.

• Select the subscription and click Edit assignment.

• Select Parameters.

• In Vulnerability assessment should be enabled on virtual machines, select AuditIfNotExists.

• Click Review + save > save.

CLI Remediation Steps

• Remediation is not possible via the CLI.

Documentation Links

• Working with Security Policies

• Azure Security Policies Monitored by Security Center