Views:
After connecting your Azure subscription to Trend Vision One, the following rules may show as failed in Misconfiguration and Compliance:
  • Use BYOK for Storage Account Encyrption
  • Storage Account Encyrption using Customer Managed Keys
  • Private Endpoint in Use
  • Restrict Default Network Access for Storage Accounts
  • Enable Blob Storage Lifecycle Management
These failed checks are a normal part of the integration process and do not indicate an error on your part. These failures occur because certain configurations require information or specific actions from you to finish setting up your Azure environment.
After completing the steps below, run another scan in Cloud SecurityCloud Risk ManagementMisconfiguration and Compliance to confirm that your environment now meets the compliance requirements. This process ensures that your Azure subscription is correctly configured and fully integrated with Trend Vision One.
  1. In Trend Vision One, go to Cloud SecurityCloud Risk ManagementMisconfiguration and Compliance.
  2. In the left pane, click an Azure subscription, and then click View All Checks.
  3. Optionally, click the plus icon beside a failed check to view details.
  4. Click Resolve beside the failed rule you want to fix.
    A drawer slides out displaying instructions for the failure check. Review the content to understand the rule and the compliance it is trying to match.
  5. Use the instructions provided to remediate the misconfiguration:
    • If you are using Azure portal, follow the steps to address the issue within the Azure portal.
    • If you are using Aure CLI, follow the steps to address the issue using the Azure CLI.
    When you have finished remediating the misconfiguration, close the instructions window.
  6. Click Configure rule... to configure the rule settings, set the rule as an exception, and add notes.
    • Settings: If the rule allows customization then the allowable configurations are displayed.
    • Exceptions: Checks matching by tags or Resource ID will be removed immediately. To restore excluded checks, save a new exceptions configuration or reset the rule settings to the default and start a scan.
    • Note: Notes are brief written records or annotations made to capture important information, thoughts, or reminders.
  7. Click Send rule to … to share the rule resolution by email with other users.
  8. Repeat steps 1 - 5 for each storage account within the selected subscription.