メインコンテンツへスキップ

Assign Security Standards

Implementation Effort: Medium – Assigning standards requires administrative access and coordination with compliance and security teams to align cloud environments with regulatory and organizational requirements.

User Impact: Low – This is a backend configuration task; end users are not directly affected.

Overview

Assigning security standards in Microsoft Defender for Cloud enables continuous assessment of your cloud environments against industry and regulatory benchmarks. These standards include frameworks such as:

  • Microsoft Cloud Security Benchmark (MCSB) – Default for Azure, AWS, and GCP.
  • CIS Benchmarks, NIST 800-53, PCI DSS, ISO 27001, and others depending on the cloud provider.

To assign a standard:

  1. Sign in to the Azure portal.
  2. Navigate to Microsoft Defender for Cloud > Regulatory compliance.
  3. Select Manage compliance policies.
  4. Choose the scope (Azure subscription, AWS account, or GCP project).
  5. Select Security policies.
  6. Toggle the desired standard to On 1.

Once assigned, Defender for Cloud continuously evaluates resources within the selected scope and provides compliance scores, control-level assessments, and remediation guidance. Standards can be applied at the subscription, management group, or organizational level.

This activity supports the Zero Trust principle of "Verify Explicitly" by ensuring that cloud resources are continuously monitored against trusted compliance frameworks, helping to identify misconfigurations and reduce risk exposure.

Reference