v1.20.0-B0085
Pre-release
Pre-release
·
907 commits
to main
since this release
What's changed since pre-release v1.20.0-B0028:
- New rules:
- Azure Cache for Redis:
- Check the number of firewall rules for caches by @jonathanruiz.
#544 - Check the number of IP addresses in firewall rules for caches by @jonathanruiz.
#544
- Check the number of firewall rules for caches by @jonathanruiz.
- App Configuration:
- Container Registry:
- Check soft delete policy is enabled by @bengeset96.
#1674
- Check soft delete policy is enabled by @bengeset96.
- Defender for Cloud:
- Check Microsoft Defender for Cloud is enabled for Containers by @jdewisscher.
#1632 - Check Microsoft Defender for Cloud is enabled for Virtual Machines by @jdewisscher.
#1632 - Check Microsoft Defender for Cloud is enabled for SQL Servers by @jdewisscher.
#1632 - Check Microsoft Defender for Cloud is enabled for App Services by @jdewisscher.
#1632 - Check Microsoft Defender for Cloud is enabled for Storage Accounts by @jdewisscher.
#1632 - Check Microsoft Defender for Cloud is enabled for SQL Servers on machines by @jdewisscher.
#1632
- Check Microsoft Defender for Cloud is enabled for Containers by @jdewisscher.
- Network Security Group:
- Check AKS managed NSGs don't contain custom rules by @ms-sambell.
#8
- Check AKS managed NSGs don't contain custom rules by @ms-sambell.
- Storage Account:
- Check blob container soft delete is enabled by @pazdedav.
#1671 - Check file share soft delete is enabled by @jonathanruiz.
#966
- Check blob container soft delete is enabled by @pazdedav.
- Azure Cache for Redis:
- Updated rules:
- Important change: Updated rules, tests and docs with Microsoft Defender for Cloud by @jonathanruiz.
#545- The following rules have been renamed with aliases:
- Renamed
Azure.SQL.ThreatDetectiontoAzure.SQL.DefenderCloud. - Renamed
Azure.SecurityCenter.ContacttoAzure.DefenderCloud.Contact. - Renamed
Azure.SecurityCenter.ProvisioningtoAzure.DefenderCloud.Provisioning.
- Renamed
- If you are referencing the old names please consider updating to the new names.
- The following rules have been renamed with aliases:
- Updated documentation examples for Front Door and Key Vault rules by @lluppesms.
#1667 - Improved the way we check that VM or VMSS has Linux by @VeraBE
#1704
- Important change: Updated rules, tests and docs with Microsoft Defender for Cloud by @jonathanruiz.
- General improvements:
- Updated NSG documentation with code snippets and links by @simone-bennett.
#1607 - Updated Application Gateway documentation with code snippets by @ms-sambell.
#1608 - Updated SQL firewall rules documentation by @ms-sambell.
#1569 - Updated Container Apps documentation and rule to new resource type by @marie-schmidt.
#1672 - Updated KeyVault and FrontDoor documentation with code snippets by @lluppesms.
#1667 - Added tag and annotation metadata from policy for rules generation by @BernieWhite.
#1652
- Updated NSG documentation with code snippets and links by @simone-bennett.
- Bug fixes:
- Fixed continue processing policy assignments on error by @BernieWhite.
#1651 - Fixed handling of runtime assessment data by @BernieWhite.
#1707 - Fixed conversion of type conditions to pre-conditions by @BernieWhite
#1708
- Fixed continue processing policy assignments on error by @BernieWhite.
See change log
Contributors
jonathanruiz, VeraBE, and 8 other contributors