If proactive defense of the specified type is enabled in the Security Center console, the evaluation result is Compliant.
Scenarios
You can enable the proactive defense feature in the Security Center console to enhance the security of cloud hosts, on-premises servers, and containers.
Risk level
Default risk level: high.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If proactive defense of the specified type is enabled in the Security Center console, the evaluation result is Compliant.
- If proactive defense of the specified type is not enabled in the Security Center console, the evaluation result is Incompliant. For more information about how to remediate an incompliant configuration, see the "Incompliance remediation" section of this topic.
Rule details
| Item | Description |
|---|---|
| Rule name | security-center-defense-config-check |
| Rule identifier | security-center-defense-config-check |
| Tag | SecurityCenter |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Evaluation frequency | Interval of 24 hours |
| Supported resource type | All resources |
| Input parameter | Type: The default value is auto_breaking. |
Incompliance remediation
Enable the proactive defense feature of the specified type in the Security Center console. For more information, see Use the antivirus feature.