This topic contains the following sections.
To navigate to the Compliance Dashboard page in the Lacework Console, select Compliance > Azure > Dashboard.
To populate the Azure data viewed in this page, you must configure an integration to at least one Azure Subscription, or integrate at an Azure Tenant level for multiple Azure Subscriptions. For more information, see Integrate Lacework with Azure.
This dashboard provides a view of your Azure Tenants and Subscriptions that are integrated with Lacework and their related compliance information and details.
Use the filtering drop-downs ('Tenants' and 'Subscriptions') to limit the results displayed in the dashboard. The filtering drop-downs are located in the top middle of the panel and defaults to 'All Tenants' and 'All Subscriptions'.
The first panel is an at-a-glance Compliance Summary that displays the following:
- number of Azure Subscriptions analyzed
- number of resources monitored
- percentage of resources in violation
- count of resources in violation
- number of critical CIS benchmark recommendations in violation
- number of critical storage for Azure recommendations in violation
To view a breakdown by section, click the percentage or count of resources in violation in the middle-subpanel. A breakdown of resources in violation are displayed and grouped by the following sections:
- LOGGING AND MONITORING
- SECURITY CENTER
- VIRTUAL MACHINES
- SQL SERVERS
- SQL DATABASES
- OTHER SECURITY CONSIDERATIONS
The next panel displays the Subscription summary table that provides details about the Azure Subscriptions integrated into Lacework that are in violation. Under Status, the current status of the integration between Lacework and the listed Azure Subscription is displayed.
- Enabled — The integration between Lacework and the listed Azure Subscription is active.
- Deleted — At one point, the integration between Lacework and the listed Azure Subscription was active but now that integration has been deleted.
- Disabled — The integration between Lacework and the listed Azure Subscription has been disabled.
- Integration Failed — Lacework encountered a problem while attempting to use the integration between Lacework and the Azure Subscription, for example, the correct privileges may not have been granted.
To drill-down to the associated Compliance Report and view the affected non-compliant resources in violation, hover over an Azure Subscription row and click View Report.
CIS Benchmark Overview
Under the Project Summary panel is the CIS Benchmark Overview panel. This panel display an aggregation of data for the selected Azure Subscription(s) correlating to the control rules in the associated compliance benchmarks. Details such as severity, recommendation, service, and number/percentage of resources in violation are displayed.
The top five recommendations are displayed by default. To see all the recommendations sorted by severity, click View number More Recommendations.
To view additional details about a recommendation, hover over a recommendation row and click View Details.