| Field | Value |
|---|---|
| Plugin Title | Monitor System Updates |
| Cloud | AZURE |
| Category | Defender |
| Description | Ensures that Monitor System Updates is enabled in Defender. |
| More Info | When this setting is enabled, Defender audits virtual machines for pending OS or system updates. |
| AZURE Link | https://learn.microsoft.com/en-us/azure/defender-for-cloud/policy-reference |
| Recommended Action | Ensure that System Update monitoring is configured for virtual machines in Microsoft Defender. |
- Log in to the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" box at the top, search for "Policy" and select "Policy".
- Scroll down the left navigation panel and select "Compliance".
- On the "Policy | Compliance" page, in the "Name" column, select the compliance entry whose "Scope" is the required Subscription.
- On the "Policy | Compliance" page, select the "View Assignment" tab at the top.
- On the "Policy | Compliance | Subscription" page, select the "Edit Assignment" tab at the top.
- On the Assign Initiative page, select the "Parameters" tab and uncheck "Only show parameters that need input or review". It will show you a list of parameters.
- In the list, search for the setting "System updates should be installed on your machines". If it is set to "Disabled", then "System Update monitoring" is not enabled on the selected "Subscription".
- To enable "System Update monitoring", open the dropdown for "System updates should be installed on your machines" and select the "AuditIfNotExists" option.
- Click the "Review + save" button to apply the changes.
- Repeat steps 3 - 10 to ensure "System Update monitoring" is configured in Azure Defender.
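The same check the portal steps above perform by hand can be scripted against the policy assignment JSON. This is an added example, not the plugin's own code: it assumes the assignment objects have the shape `az policy assignment list` prints (`name`, `scope`, `parameters`) and that the initiative exposes the effect for "System updates should be installed on your machines" under the parameter name `systemUpdatesMonitoringEffect` (an assumption; confirm it in your initiative definition).

```python
import json

# Assumed parameter name for "System updates should be installed on your machines".
PARAM = "systemUpdatesMonitoringEffect"
ENABLED_EFFECTS = {"AuditIfNotExists"}

# Constructed sample resembling `az policy assignment list` output, trimmed to
# the fields used here. The first subscription has the effect switched off,
# the second leaves the parameter at the initiative's default.
SAMPLE_ASSIGNMENTS_JSON = """
[
  {"name": "SecurityCenterBuiltIn",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000",
   "parameters": {"systemUpdatesMonitoringEffect": {"value": "Disabled"}}},
  {"name": "SecurityCenterBuiltIn",
   "scope": "/subscriptions/11111111-1111-1111-1111-111111111111",
   "parameters": {}}
]
"""


def system_update_monitoring_status(assignment: dict) -> str:
    """Return 'enabled', 'disabled', 'default' or 'unknown' for one assignment."""
    params = assignment.get("parameters") or {}
    entry = params.get(PARAM)
    if entry is None:
        # Not overridden in the assignment, so the initiative definition's
        # defaultValue applies; look that up in the definition before
        # treating the subscription as covered.
        return "default"
    value = entry.get("value")
    if value in ENABLED_EFFECTS:
        return "enabled"
    if value == "Disabled":
        return "disabled"
    return "unknown"


def check_assignments(assignments_json: str) -> dict:
    """Map each assignment scope to its System Update monitoring status."""
    assignments = json.loads(assignments_json)
    return {a["scope"]: system_update_monitoring_status(a) for a in assignments}


if __name__ == "__main__":
    for scope, status in check_assignments(SAMPLE_ASSIGNMENTS_JSON).items():
        print(f"{scope}: {status}")
```

Feed it real data with `az policy assignment list -o json` and treat any scope reporting `disabled` as the finding this plugin raises.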