controls
Threat detection (CC7.x)
Continuous monitoring, alerting, and incident detection controls.
What we check
- Defender for Cloud enabled on every subscription
- Defender for Servers Plan 2 on production
- Alert workflow automations wired to a ticketing system
How to fix
az security pricing create --name VirtualMachines --tier Standard