[New Control] GR11 V4 Microsoft Defender for Cloud Alerts and Events Check #295

Merged
merged 15 commits into from
Dec 6, 2024

Conversation

alalvi00
Contributor

@alalvi00 alalvi00 commented Dec 6, 2024

Overview/Summary

The new control, MS Defender for Cloud Check, validates the following configurations for each subscription:

  • Email notifications are set up with at least two distinct email addresses.
  • The notification configuration includes an owner role.
  • Alert notifications are configured, and their severity level is set to "Medium" or "Low".
  • Attack path notifications are configured, and their severity level is set to "Medium" or "Low".

This ensures comprehensive notification settings for critical security updates.

This PR fixes/adds/changes/removes

  1. Check-DefenderForCloudAlerts.psm1 (Added)
  2. Check-DefenderForCloudAlerts.psd1 (Added)
  3. GR-ComplianceChecks-Msgs.psd1 (Updated)
  4. automationaccount.bicep (Updated)
  5. modules.json (Updated)
  6. Two new zip modules added

Breaking Changes

N/A

Testing Evidence

Our dev tenant is compliant as shown

image

As part of this Pull Request I have

  • Checked for duplicate Pull Requests
  • Associated it with relevant GitHub Issues
  • Ensured my code/branch is up-to-date with the latest changes in the main branch
  • Performed testing and provided evidence.
  • Updated relevant and associated documentation.
  • Ensure PowerShell module versions have been updated (manually or with the ./tools/Update-ModuleVersions.ps1 script)
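
The four conditions listed in the description above can be expressed as a single evaluation over one subscription's notification settings. The following is an added example, not code from this PR or from `Check-DefenderForCloudAlerts.psm1`; the function name `Test-DefenderNotificationConfig` and every property name on the input object are assumptions made for illustration, and the sample data is constructed.

```powershell
# Added example: evaluates one subscription's notification settings against
# the four conditions listed in the PR description. Property names on the
# input object are assumptions, not the module's actual data model.
function Test-DefenderNotificationConfig {
    param(
        [Parameter(Mandatory)] [pscustomobject] $Contact
    )
    $allowed  = @('Medium', 'Low')   # severities the PR description accepts
    $findings = [System.Collections.Generic.List[string]]::new()

    # 1. At least two distinct email addresses (trimmed, case-insensitive).
    $emails = @("$($Contact.Emails)" -split '[;,]' |
        ForEach-Object { $_.Trim().ToLowerInvariant() } |
        Where-Object { $_ } | Sort-Object -Unique)
    if ($emails.Count -lt 2) { $findings.Add('Fewer than two distinct email addresses') }

    # 2. Owner role included in role-based notifications.
    if ($Contact.RoleNotificationState -ne 'On' -or $Contact.Roles -notcontains 'Owner') {
        $findings.Add('Owner role is not notified')
    }

    # 3 and 4. Alert and attack path notifications configured at Medium or Low.
    foreach ($source in 'Alert', 'AttackPath') {
        $entry = @($Contact.Sources | Where-Object { $_.Type -eq $source })
        if ($entry.Count -eq 0) {
            $findings.Add("$source notifications are not configured")
        } elseif ($entry[0].Severity -notin $allowed) {
            $findings.Add("$source severity '$($entry[0].Severity)' is not Medium or Low")
        }
    }

    [pscustomobject]@{ Compliant = ($findings.Count -eq 0); Findings = $findings.ToArray() }
}

# Constructed sample: the same address twice (differing only in case) and a
# High alert threshold.
$sample = [pscustomobject]@{
    Emails                = 'secops@example.com; SecOps@example.com'
    RoleNotificationState = 'On'
    Roles                 = @('Owner')
    Sources               = @(
        [pscustomobject]@{ Type = 'Alert';      Severity = 'High' }
        [pscustomobject]@{ Type = 'AttackPath'; Severity = 'Medium' }
    )
}
Test-DefenderNotificationConfig -Contact $sample | Format-List
```

Normalizing addresses before counting matters for the first condition: two entries that differ only in case or surrounding whitespace reach the same mailbox and should not satisfy a "two distinct contacts" requirement.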

@alalvi00 alalvi00 force-pushed the msDefender-check-aalvi branch from 400c5e5 to 4912bc8 Compare December 6, 2024 16:26
@alalvi00 alalvi00 linked an issue Dec 6, 2024 that may be closed by this pull request
@alalvi00 alalvi00 requested a review from dutt0 December 6, 2024 19:44
@alalvi00 alalvi00 merged commit 672e8f6 into main Dec 6, 2024
4 checks passed
@alalvi00 alalvi00 deleted the msDefender-check-aalvi branch December 6, 2024 19:51
Successfully merging this pull request may close these issues.

GR11 | Validation 4 | Contact Details for Alerts and Events Checks
3 participants