Query: Adaptive application controls for defining safe applications should be enabled on your machines

Description

Enable application controls to define the list of known-safe applications running on your machines, and alert you when other applications run. This helps harden your machines against malware. To simplify the process of configuring and maintaining your rules, Security Center uses machine learning to analyze the applications running on each machine and suggest the list of known-safe applications.

Query

Tables used in this query:

• azure_subscription

Controls using this query:

• Adaptive application controls for defining safe applications should be enabled on your machines
• Adaptive network hardening recommendations should be applied on internet facing virtual machines
• Audit diagnostic setting for selected resource types
• Audit Windows machines missing any of specified members in the Administrators group
• Audit Windows machines that do not contain the specified certificates in Trusted Root
• Audit Windows machines that have extra accounts in the Administrators group
• Audit Windows machines that have the specified members in the Administrators group
• Monitor missing Endpoint Protection in Azure Security Center
• Vulnerabilities in security configuration on your machines should be remediated
• Vulnerabilities in security configuration on your virtual machine scale sets should be remediated
• Windows machines should meet requirements for 'Security Options - Accounts'
• Windows machines should meet requirements for 'Security Options - Audit'
• Windows machines should meet requirements for 'System Audit Policies - Detailed Tracking'
• Windows machines should meet requirements for 'Windows Firewall Properties'

SQL