Azure Introduction
Azure Pricing
Azure Threats
No Security Contact Set
More Info:
Set at least one security contact.
Risk Level
Low
Address
Security
Compliance Standards
CBP
Triage and Remediation
Remediation
To remediate the “No Security Contact Set” misconfiguration in Azure, you can follow these steps:
- Log in to the Azure portal (https://portal.azure.com).
- Navigate to the Security Center by clicking on the “Security Center” icon in the left-hand menu.
- In the Security Center, click on the “Secure score” tab in the left-hand menu.
- Scroll down to the “No security contact set” item in the list and click on it.
- Click on the “Remediate” button to the right of the item.
- In the “Remediation tasks” pane that appears, select the subscription(s) and resource group(s) that you want to apply the remediation to.
- Click on the “Remediate” button at the bottom of the pane to apply the remediation.
After completing these steps, Azure will set a security contact for the selected subscription(s) and resource group(s), which will ensure that security alerts and notifications are sent to the appropriate parties.
To remediate the “No Security Contact Set” misconfiguration in Azure using Azure CLI, you can follow these steps:
-
Open the Azure CLI and login to your Azure account.
-
Run the following command to get the list of security contacts set for your subscription:
az security contact list --query '[].{name:name,email:email}' --output tableIf the output is empty, it means that no security contact has been set for your subscription.
-
To set a security contact for your subscription, run the following command:
az security contact create --email <email_address> --name <name> --phone <phone_number>Replace
<email_address>,<name>, and<phone_number>with the appropriate values. -
Once the command is executed successfully, run the following command again to verify that the security contact has been set:
az security contact list --query '[].{name:name,email:email}' --output tableThe output should now show the security contact that you just set.
By following these steps, you have successfully remediated the “No Security Contact Set” misconfiguration in Azure using Azure CLI.
To remediate the misconfiguration “No Security Contact Set” in Azure using Python, you can follow these steps:
- Import the necessary modules:
from azure.identity import DefaultAzureCredential
from azure.mgmt.security import SecurityCenter
- Authenticate to Azure using the
DefaultAzureCredential:
credential = DefaultAzureCredential()
- Create a
SecurityCenterclient object:
security_center_client = SecurityCenter(
credential=credential,
subscription_id="<subscription-id>"
)
Note: Replace <subscription-id> with your Azure subscription ID.
- Get the security contact for the subscription:
security_contact = security_center_client.security_contacts.get(
resource_group_name="<resource-group-name>",
security_contact_name="<security-contact-name>"
)
Note: Replace <resource-group-name> and <security-contact-name> with the appropriate values.
- If the
security_contactobject isNone, create a new security contact:
if security_contact is None:
security_center_client.security_contacts.create(
resource_group_name="<resource-group-name>",
security_contact_name="<security-contact-name>",
email="<email-address>",
phone="<phone-number>"
)
Note: Replace <email-address> and <phone-number> with the appropriate values.
- If the
security_contactobject is notNone, update the existing security contact:
else:
security_center_client.security_contacts.create_or_update(
resource_group_name="<resource-group-name>",
security_contact_name="<security-contact-name>",
email="<email-address>",
phone="<phone-number>"
)
Note: Replace <email-address> and <phone-number> with the appropriate values.
- Verify that the security contact has been set:
security_contact = security_center_client.security_contacts.get(
resource_group_name="<resource-group-name>",
security_contact_name="<security-contact-name>"
)
if security_contact is not None:
print("Security contact set successfully.")
else:
print("Failed to set security contact.")
That’s it! These steps will remediate the misconfiguration “No Security Contact Set” in Azure using Python.