Azure – You can now define your own security policies in Azure Security Center

As you may already know, Azure includes Azure Security Center (ASC), a feature providing unified and centralized security management for Azure.

Until now, Azure Security Center provided only built-in security policies (either from Microsoft or to comply with regulatory standards).

Well, good news, you can now define your very own security policies (aka initiatives) on Azure Security Center.

To start implementing your own security policies in Azure Security Center, log on to your Azure portal and open ASC


Then access the Security Policy blade and select either the management group (recommended) or the subscription where you want to create your custom security initiative


Then go to the Your custom initiatives section to add your custom one


You will then see the list of custom initiatives you have already created (which should be empty for now, as you are starting with your first one)


Click the Create new button to start creating the custom initiative

You will have to select the Definition location and then you will be able to select Policy Definitions

You can add the policy definition you want by clicking its name and then using the Add button


If the policy definition requires any additional settings, you will be able to set them directly or fill them in using a parameter


Once your custom policy is created, you can assign/deploy it by using the Add button
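A custom initiative created through the steps above is stored as an Azure Policy policy set definition. The following Python code is an added example, not part of the original post: it builds the `properties` body of such an initiative and checks that every `[parameters('...')]` reference used by a member policy is declared at the initiative level. The policy definition IDs are constructed placeholders, and the display name and parameter names are assumptions chosen for illustration.

```python
import json
import re

# Constructed placeholder IDs: replace with real policy definition resource IDs.
BASE = "/providers/Microsoft.Authorization/policyDefinitions/"
POLICY_A = BASE + "00000000-0000-0000-0000-000000000001"
POLICY_B = BASE + "00000000-0000-0000-0000-000000000002"
PARAM_REF = re.compile(r"^\[parameters\('([^']+)'\)\]$")

def build_initiative(display_name, members, parameters):
    """Return the 'properties' body of a policy set definition (initiative).
    members: list of (policy_definition_id, {policy_param: literal_or_reference})
    parameters: initiative-level parameter declarations."""
    return {
        "displayName": display_name,
        "policyType": "Custom",
        "parameters": parameters,
        "policyDefinitions": [
            {"policyDefinitionId": pid,
             "parameters": {k: {"value": v} for k, v in params.items()}}
            for pid, params in members
        ],
    }

def wiring_errors(initiative):
    """Report undeclared parameter references and declared-but-unused parameters."""
    declared, used, errors = set(initiative["parameters"]), set(), []
    for member in initiative["policyDefinitions"]:
        for name, spec in member["parameters"].items():
            ref = PARAM_REF.match(str(spec["value"]))
            if ref:  # literal values (strings, lists) need no declaration
                used.add(ref.group(1))
                if ref.group(1) not in declared:
                    errors.append(f"{name}: undeclared initiative parameter {ref.group(1)!r}")
    return errors + [f"unused initiative parameter {p!r}" for p in sorted(declared - used)]

# Constructed sample: one correct reference, one undeclared, one unused declaration.
SAMPLE = build_initiative(
    "Contoso custom security baseline",
    [(POLICY_A, {"effect": "[parameters('auditEffect')]"}),
     (POLICY_B, {"effect": "[parameters('denyEffect')]",
                 "listOfAllowedLocations": ["westeurope"]})],
    {"auditEffect": {"type": "String", "defaultValue": "AuditIfNotExists"},
     "unusedParam": {"type": "String"}},
)

if __name__ == "__main__":
    print(json.dumps(SAMPLE, indent=2))
    print(wiring_errors(SAMPLE))
```

Running the check before creating or assigning the initiative catches a member policy whose setting points at a parameter nobody will be asked to fill in.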


Benoit Hamet
Benoit is working on Microsoft collaborative technologies. He has been awarded as MVP for more than 12 years. Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007). Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software. He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies.