Azure Diagnostic Settings Security Checks
All security checks Aether365 performs for Azure Diagnostic Settings.
| ID | Title | Severity | Framework |
|---|---|---|---|
| AZURE.162 | Ensure the storage account containing the container with activity logs is encrypted with Customer Managed Key (CMK) | Medium | CIS Microsoft Azure Foundations |
| AZURE.163 | Ensure that logging for Azure AppService 'HTTP logs' is enabled | Low | CIS Microsoft Azure Foundations |
| AZURE.164 | Ensure Diagnostic Setting captures appropriate categories | Medium | CIS Microsoft Azure Foundations |
| AZURE.165 | Ensure that a 'Diagnostic Setting' exists for Subscription Activity Logs | Medium | CIS Microsoft Azure Foundations |
| AZURE.166 | Ensure that logging for Azure Key Vault is 'Enabled' | Medium | CIS Microsoft Azure Foundations |
| AZURE.167 | Ensure that Azure Monitor Resource Logging is Enabled for All Services that Support it | Medium | CIS Microsoft Azure Foundations |
| AZURE.168 | Ensure that Network Security Group Flow logs are captured and sent to Log Analytics | Medium | CIS Microsoft Azure Foundations |