Ensure that Microsoft Cloud Security Benchmark policies are not set to 'Disabled'
Why This Matters
When a Microsoft Cloud Security Benchmark policy is set to Disabled, Azure completely stops evaluating that specific security recommendation across your environment. This creates blind spots in your security posture: you will not receive alerts or compliance information about misconfigurations that the disabled policy would have detected. Over time, multiple disabled policies can leave significant security gaps unaddressed, increasing your organization's risk exposure.
What Aether365 Checks
Aether365 verifies that all policies within the Microsoft Cloud Security Benchmark policy initiative are set to an effect of Audit or a non-disabled effect type. This check appears in the Aether365 dashboard under the Azure Defender for Cloud checks section.