Loading controls...
Control: Allowlist rules in your adaptive application control policy should be updated
Description
Monitor for changes in behavior on groups of machines configured for auditing by Azure Security Center's adaptive application controls. Security Center uses machine learning to analyze the running processes on your machines and suggest a list of known-safe applications. These are presented as recommended apps to allow in adaptive application control policies.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.compute_vm_allowlist_rules_in_adaptive_application_control_policy_updated
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.compute_vm_allowlist_rules_in_adaptive_application_control_policy_updated --share
SQL
This control uses a named query:
manual_control