Security Center default policy setting “Monitor Adaptive Application Whitelisting” should be enabled

Description

Enable adaptive application controls. Adaptive application controls help control which applications can run on VMs located in Azure, which among other benefits helps harden those VMs against malware. The Security Center uses machine learning to analyze the processes running in the VM and helps to apply white-listing rules using this intelligence.

Portal Remediation Steps

  • Navigate to Azure Policy.

  • Select the subscription and click Edit assignment.

  • Select Parameters.

  • In Adaptive application controls for defining safe applications should be enabled on your machines, select AuditIfNotExists.

  • Click Review + save > save.

CLI Remediation Steps

  • Remediation is not possible via the CLI.