Security Recommendations
High Severity
12
Medium Severity
35
Low Severity
78
Informational
150
All Recommendations
| Recommendation | Severity | Description | Resource | Affected Resources | Status | Actions |
|---|---|---|---|---|---|---|
| Enable MFA on all subscriptions | High | Multi-factor authentication (MFA) significantly reduces the risk of account compromise. Ensure MFA is enabled for all privileged accounts. | Subscription: MyAzureSubscription-1 |
Subscription 1 Azure Subscription |
Unhealthy | |
| Apply latest security updates | Medium | Ensure all virtual machines and services are running the latest security patches to protect against known vulnerabilities. | Resource Group: AppRG-Prod |
VM-WebApp-01 Virtual Machine VM-DB-01 Virtual Machine |
Unhealthy | |
| Restrict network access to public endpoints | High | Limit inbound internet access to critical resources. Use Network Security Groups (NSGs) and private endpoints where possible. | VNet: MyVNet-Prod |
PublicIP-WebApp Public IP Address |
Unhealthy | |
| Enable Advanced Threat Protection | Medium | Azure Advanced Threat Protection provides advanced threat detection and response capabilities for your cloud and hybrid environments. | Subscription: MyAzureSubscription-2 |
StorageAccount-Logs Storage Account |
Healthy | |
| Monitor for unauthorized configuration changes | Low | Implement logging and auditing to detect and alert on any unauthorized changes to your Azure resources. | Resource Group: InfraRG |
KeyVault-Secrets Key Vault |
Unhealthy | |
| Use managed identities for service authentication | Informational | Managed identities provide an identity for Azure services to use when connecting to other Azure services, eliminating the need for secrets management. | Resource Group: AppRG-Dev |
AppService-API App Service |
Healthy |