Missing alert for Policy Assignment Deleting

Logging and monitoring

Missing alert for Policy Assignment Deleting

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Azure CIS
Brazilian General Data Protection (LGPD)
CCPA
ISO/IEC 27001
Microsoft Cloud Security Benchmark
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
UK Cyber Essentials

Description

Monitoring for delete policy assignment events gives insight into changes done in 'azure policy - assignments' and can reduce the time it takes to detect unsolicited changes.

Recommended Mitigation

Under Monitor -> Alerts, create an alert for 'Microsoft.Authorization/policyAssignments/delete'.

Missing alert for Policy Assignment Deleting

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS