Azure – Quickly find the status of Azure Security Center recommendations

As you may know, Azure Security Center (ASC) is your own stop shop for everything related to the security of your Azure infrastructure (including when running in hybrid with your on-premises servers onboarded onto Azure).

Microsoft is providing default built-in rules to help you secure your resources as per the latest recommendations.

Off course you can manage these built-in rules to enable or disable them but with time, more and more rules have been added to cover more recommendations and/or more resources.

You may find yourself wondering which ones are enabled and which ones are disabled (maybe because at the time they were not relevant to you).

Well, you can quickly get a status of these rules by using PowerShell (don’t forget you can use Cloud Shell or Azure Function since it supports PowerShell)

To get the status of the built-in rules, run the below command

(Get-AzPolicyAssignment | Where-Object {$_.name –eq “SecurityCenterBuiltIn”}).Properties.parameters

image

It then will return all built-in ASC rules and their corresponding state

image

After reviewing the result you can then decide to update your ASC rules.

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies