Review your security recommendations

This topic explains how to view and understand the recommendations in Azure Security Center to help you protect your Azure resources.

Monitor recommendations

Security Center analyzes the security state of your resources to identify potential vulnerabilities.

  1. From Security Center's menu, open the Recommendations page to see the recommendations applicable to your environment. Recommendations are grouped into security controls.

    Recommendations grouped by security control

  2. To find recommendations specific to the resource type, severity, environment, or other criteria that are important to you, use the optional filters above the list of recommendations.

    Filters for refining the list of Azure Security Center recommendations

  3. Expand a control and select a specific recommendation to view the recommendation details page.

    Recommendation details page.

    The page includes:

    1. For supported recommendations, the top toolbar shows any or all of the following buttons:
    2. Severity indicator
    3. Freshness interval (where relevant)
    4. Count of exempted resources if exemptions exist for this recommendation, this shows the number of resources that have been exempted
    5. Description - A short description of the issue
    6. Remediation steps - A description of the manual steps required to remediate the security issue on the affected resources. For recommendations with 'quick fix', you can select View remediation logic before applying the suggested fix to your resources.
    7. Affected resources - Your resources are grouped into tabs:
      • Healthy resources – Relevant resources which either aren't impacted or on which you've already remediated the issue.

      • Unhealthy resources – Resources which are still impacted by the identified issue.

      • Not applicable resources – Resources for which the recommendation can't give a definitive answer. The not applicable tab also includes reasons for each resource.

        Not applicable resources with reasons.

    8. Action buttons to remediate the recommendation or trigger a logic app.

Preview recommendations

Recommendations flagged as Preview aren't included in the calculations of your secure score.

They should still be remediated wherever possible, so that when the preview period ends they'll contribute towards your score.

An example of a preview recommendation:

Recommendation with the preview flag

Next steps

In this document, you were introduced to security recommendations in Security Center. For related information: