Recently got the question on how to enable certain environment settings in Microsoft Defender for Cloud. This post will be targeted at enabling the vulnerability assessment for machines feature and assumes that Defender for Servers itself is already enabled. In Azure this is managed via the Microsoft.Security/serverVulnerabilityAssessmentsSettings resource. This resource is used to enable the Vulnerability Management of Defender for Servers on Azure. This is a great way to ensure that you gain valuable insights on the vulnerabilities applicable to your servers and ensure they are protected against the latest threats.
When we look at the documentation of this resource it already describes a name, kind and a properties object with the selected provider. This selected provider also includes the example of MdeTvm as required value. Making it clear that this is the only value that we can currently pick.
Before running the deployment:
Bicep example
If we would put this in a Bicep template, this would look like this:
targetScope = 'subscription'
resource serverVulnerabilityAssessmentsSettings 'Microsoft.Security/serverVulnerabilityAssessmentsSettings@2023-05-01' = {
name: 'AzureServersSetting'
kind: 'AzureServersSetting'
properties: {
selectedProvider: 'MdeTvm'
}
}
There are a couple of things to note from this Bicep template; one of the first things is the targetScope that is set to subscription. This is because the Vulnerability Management of Defender for Servers is a subscription level resource. The second thing to note is the kind and name that is set to AzureServersSetting. This is the kind that is used for the Vulnerability Management of Defender for Servers. With this template in hand all that we have to do is utilize New-AzSubscriptionDeployment -name 'va' -TemplateFile .\vulnerabilityAssessment.bicep -Location 'westeurope' to deploy it to our subscription.
After running the deployment:
Conclusion
So there we have it. When we now deploy this against our subscription we have enabled the Vulnerability Management of Defender for Servers on Azure. This is a great way to ensure that all your servers are protected against the latest threats.