Plugin Title | Monitor System Updates |
Cloud | AZURE |
Category | Security Center |
Description | Ensures that Monitor System Updates is enabled in Security Center |
More Info | When this setting is enabled, Security Center will audit virtual machines for pending OS or system updates. |
AZURE Link | https://docs.microsoft.com/en-us/azure/security-center/security-center-policy-definitions |
Recommended Action | Ensure System Update monitoring is configured for virtual machines from the Azure Security Center. |
1. Log in to the Microsoft Azure Management Console.
2. Select the "Search resources, services, and docs" option at the top and search for "Microsoft Defender for Cloud".
3. Scroll down the left navigation panel and select "Environment Settings" under "Management".
4. On the "Microsoft Defender for Cloud | Environment settings" page, under the "Name" column, select the "Subscription Name" that needs to be verified by clicking on its name.
5. On the "Settings" page, scroll down to the "Policy settings" section and select "Security Policy".
6. On the "Settings | Security policy" page, select the "Subscription" link under "Security policy" at the top to open the configuration settings.
7. On the Settings page, select the "Parameters" tab and uncheck "Only show parameters that need input or review". A list of parameters is displayed.
8. In the list, search for the setting "System updates should be installed on your machines". If it is set to "Disabled", then "System Update monitoring" is not enabled on the selected "Subscription".
9. To enable "System Update monitoring", open the dropdown for "System updates should be installed on your machines" and select the "AuditIfNotExists" option. Click the "Review + save" button at the bottom.
10. On the "Review + save" page, click the "Save" button to make the necessary changes.
11. Repeat steps 3 - 10 to ensure "System Update monitoring" is configured from the Azure Security Center.
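
The "Disabled" versus "AuditIfNotExists" check from the steps above can also be run over policy assignment data exported from each subscription. The following is an added example, not the plugin's own code; the assignment name `SecurityCenterBuiltIn`, the parameter name `systemUpdatesMonitoringEffect`, the treatment of an unset parameter as the default "AuditIfNotExists", and all sample data are assumptions.

```javascript
// Added example, not the plugin's own code. Both names below are assumptions.
const ASSIGNMENT_NAME = 'SecurityCenterBuiltIn';     // assumed default assignment name
const PARAM_NAME = 'systemUpdatesMonitoringEffect';  // assumed parameter name

// Case-insensitive property lookup, so key casing in the export does not matter.
function findKey(obj, wanted) {
  return Object.keys(obj || {}).find((k) => k.toLowerCase() === wanted.toLowerCase());
}

// Evaluates one subscription's policy assignments and returns { status, message }.
function checkSystemUpdateMonitoring(assignments) {
  if (!Array.isArray(assignments)) {
    return { status: 'UNKNOWN', message: 'No policy assignment data to evaluate' };
  }
  const assignment = assignments.find(
    (a) => a && String(a.name).toLowerCase() === ASSIGNMENT_NAME.toLowerCase());
  if (!assignment) {
    return { status: 'FAIL', message: 'Default security policy is not assigned' };
  }
  const key = findKey(assignment.parameters, PARAM_NAME);
  const value = key ? (assignment.parameters[key] || {}).value : undefined;
  if (typeof value !== 'string') {
    // Parameter not overridden on the assignment: the initiative default applies.
    // Assumption: that default is "AuditIfNotExists".
    return { status: 'PASS', message: 'Effect not overridden; default assumed' };
  }
  if (value.trim().toLowerCase() === 'disabled') {
    return { status: 'FAIL', message: 'System Update monitoring is set to Disabled' };
  }
  return { status: 'PASS', message: `System Update monitoring effect is ${value}` };
}

// Constructed sample data: one list of assignments per subscription label.
const SAMPLE = {
  'sub-disabled': [{ name: 'SecurityCenterBuiltIn',
    parameters: { systemUpdatesMonitoringEffect: { value: 'Disabled' } } }],
  'sub-enabled': [{ name: 'SecurityCenterBuiltIn',
    parameters: { SystemUpdatesMonitoringEffect: { value: 'AuditIfNotExists' } } }],
  'sub-default': [{ name: 'SecurityCenterBuiltIn', parameters: {} }],
  'sub-unassigned': [{ name: 'some-other-assignment', parameters: {} }],
};

// Returns { subscriptionLabel: status } for every subscription in the input.
function auditAll(bySubscription) {
  const out = {};
  for (const [sub, list] of Object.entries(bySubscription)) {
    out[sub] = checkSystemUpdateMonitoring(list).status;
  }
  return out;
}
```

A "FAIL" result corresponds to a subscription that needs the remediation described in the steps above.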