Azure – You can now create exceptions for Azure Security Center recommendations

As you know, Azure Security Center (ASC) is your one-stop shop to get an overview of your Azure security posture and custom recommendations based on your Azure environment.

Well, while this is quite an important capability, there are some limitations, such as not being able to be selective about which resource(s) a recommendation should apply to.

If you wanted to have an exception for specific resource(s), you have – well, had – no other choice than to either completely disable the recommendation or leave it as is and have your Secure Score impacted by the resource(s) to which you don’t want the recommendation to apply.

Well, good news: you can now create exceptions on a recommendation to exclude specific resource(s) while keeping the recommendation active and improving your Secure Score. An example is the recommendation to have a security endpoint solution: you may use a solution which is not detected/recognized by ASC.

To create exceptions, connect to your Azure portal (https://portal.azure.com/) and access your Azure Security Center.

Then open the Recommendations blade and click on the recommendation you want to create an exception for.

Once you have accessed the recommendation details, select the resource you want to exclude from it and open the contextual menu (the 3 dots on the right) to select Create exemption.

NOTE 1: you cannot create an exemption for multiple resources at once.

NOTE 2: not all recommendations support the creation of an exemption.

Then fill in the exception creation details, including an optional expiration period and the mandatory exemption category, which defines the reason why you want to exclude the resource.

There you go, the exemption has been created, and the next time ASC is refreshed the excluded resource will no longer impact your Secure Score.
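Because the expiration period is optional, an exemption created this way can keep a resource out of the Secure Score indefinitely, so it is worth reviewing exemptions periodically. The following is an added example, not part of the original post: it assumes the exemptions have been exported as Azure Policy exemption records (ASC stores them as such, with the category `Waiver` or `Mitigated`); the sample records, function names and 30-day warning window are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like an ARM policyExemptions list response.
# Names and dates are placeholders, not real data.
SAMPLE = json.loads("""
{"value": [
 {"name": "ex-vm01", "properties": {"displayName": "vm01 runs third-party EDR",
   "exemptionCategory": "Mitigated", "expiresOn": "2030-06-30T00:00:00Z"}},
 {"name": "ex-vm02", "properties": {"displayName": "vm02 lab box",
   "exemptionCategory": "Waiver"}},
 {"name": "ex-vm03", "properties": {"displayName": "vm03 pending migration",
   "exemptionCategory": "Waiver", "expiresOn": "2024-01-01T00:00:00.0000000Z"}},
 {"name": "ex-vm04", "properties": {"displayName": "vm04 agent rollout",
   "exemptionCategory": "Mitigated", "expiresOn": "2030-01-20T00:00:00Z"}}
]}
""")["value"]


def parse_utc(stamp):
    """Parse an ARM timestamp, ignoring fractional seconds; assumes UTC."""
    return datetime.strptime(stamp[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def review_exemptions(records, now, warn_days=30):
    """Return (name, category, finding) for exemptions that need a human look."""
    findings = []
    for rec in records:
        props = rec.get("properties", {})
        category = props.get("exemptionCategory", "unknown")
        expires = props.get("expiresOn")
        if not expires:
            finding = "no-expiry"        # resource stays excluded indefinitely
        elif parse_utc(expires) <= now:
            finding = "expired"          # exemption is no longer honored
        elif parse_utc(expires) - now <= timedelta(days=warn_days):
            finding = "expiring-soon"
        else:
            continue                     # valid and not close to expiry
        findings.append((rec["name"], category, finding))
    # Accepted-risk waivers first, then mitigated ones, each sorted by name.
    return sorted(findings, key=lambda f: (f[1] != "Waiver", f[0]))


if __name__ == "__main__":
    for row in review_exemptions(SAMPLE, datetime(2030, 1, 1, tzinfo=timezone.utc)):
        print(*row, sep="\t")
```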

Benoit Hamet
Benoit is working on Microsoft collaborative technologies. He has been awarded as MVP for more than 12 years. Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007). Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software. He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies.