Remediate recommendations in Azure Security Center

Recommendations give you suggestions on how to better secure your resources. You implement a recommendation by following the remediation steps provided in the recommendation.

Remediation steps

After reviewing all the recommendations, decide which one to remediate first. We recommend that you prioritize the security controls with the highest potential to increase your secure score.

  1. From the list, select a recommendation.

  2. Follow the instructions in the Remediation steps section. Each recommendation has its own set of instructions. The following screenshot shows remediation steps for configuring applications to only allow traffic over HTTPS.

    Manual remediation steps for a recommendation

  3. Once completed, a notification appears informing you whether the issue is resolved.

Quick fix remediation

To simplify remediation and improve your environment's security (and increase your secure score), many recommendations include a quick fix option.

Quick fix helps you to quickly remediate a recommendation on multiple resources.

Tip

Quick fix solutions are only available for specific recommendations. To find the recommendations that have an available quick fix, use the Response actions filter for the list of recommendations:

Use the filters above the recommendations list to find recommendations that have the quick fix option

To implement a quick fix solution:

  1. From the list of recommendations that have the Quick Fix! label, select a recommendation.

    Select Quick Fix!

  2. From the Unhealthy resources tab, select the resources that you want to implement the recommendation on, and select Remediate.

    Note

    Some of the listed resources might be disabled, because you don't have the appropriate permissions to modify them.

  3. In the confirmation box, read the remediation details and implications.

    Quick fix

    Note

    The implications are listed in the grey box in the Remediate resources window that opens after clicking Remediate. They list what changes happen when proceeding with the quick fix remediation.

  4. Insert the relevant parameters if necessary, and approve the remediation.

    Note

    It can take several minutes after remediation completes to see the resources in the Healthy resources tab. To view the remediation actions, check the activity log.

  5. Once completed, a notification appears informing you if the remediation succeeded.

Quick fix remediation logging in the activity log

The remediation operation uses a template deployment or REST PATCH API call to apply the configuration on the resource. These operations are logged in Azure activity log.

Next steps

In this document, you were shown how to remediate recommendations in Security Center. To learn more about Security Center, see the following pages: