Azure – The Security Centre now provides ‘one click’ remediation (preview)

As you know, Azure integrates a security dashboard, called Azure Security Center (ASC), to help you have a bird view on the security state of your Azure (but not only as it also provides details from your on-premises) environment.

The Azure Security Center has been updated to provide a ‘one click’ remediation (when available) when a potential issue has been detected.

You already had with ASC the recommended actions to implement in order to resolve the detected issue but it can be sometime challenging to implement it; hence the ‘one click’ remediation which will apply the recommended action (also available with the Free pricing tier )

The ‘one click’ remediation is currently available for the below resource types:

  • Web Apps, Function Apps, and API Apps should only be accessible over HTTPS
  • Remote debugging should be turned off for Function Apps, Web Apps, and API Apps
  • CORS should not allow every resource to access your Function Apps, Web Apps, or API Apps
  • Secure transfer to storage accounts should be enabled
  • Transparent data encryption for Azure SQL Database should be enabled
  • Monitoring agent should be installed on your virtual machines
  • Diagnostic logs in Azure Key Vault and Azure Service Bus should be enabled
  • Diagnostic logs in Service Bus should be enabled
  • Vulnerability assessment should be enabled on your SQL servers
  • Advanced data security should be enabled on your SQL servers
  • Vulnerability assessment should be enabled on your SQL managed instances
  • Advanced data security should be enabled on your SQL managed instances


To start using it, connect to you Azure portal ( and reach the Security Centre.


Next, reach out the Recommendations blade (which can be also accessed from the Overview).


Then, in the recommendation list you may see for some of them a ‘1-Click Fix!’ blue button.


If you click on the recommendation you will get more information about it and the steps to remediate (as before the ‘one click’ action) plus after selecting the impacted resource(s) you will get the remediate button which will then implement the remediation.


Depending of the remediation actions you may have to provide few additional settings; here to enable the diagnostic log for the key vault, you have to define the retention period and log analytics workspace to use

That’s it.

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies