Skip to content
HOME / AZURE / REGULATORY COMPLIANCE USING MICROSOFT 4 years AGO

Azure

Regulatory compliance using Microsoft Defender for Cloud

ARNAV SHARMA
2022.08.08 · 2 MIN READ
AzureSecurityazure
Regulatory compliance using Microsoft Defender for Cloud

Last Updated on August 13, 2025 by Arnav Sharma

The regulatory compliance dashboard in Microsoft Defender for Cloud shows your selected compliance standards with all their requirements, where supported requirements are mapped to applicable security assessments. The status of these assessments reflects your compliance with the standard.

  • The regulatory compliance dashboard shows the status of all the assessments within your environment for your chosen standards and regulations. As you act on the recommendations and reduce risk factors in your environment, your compliance posture improves.
  • Using the information in the regulatory compliance dashboard, you can improve your compliance posture by resolving recommendations directly within the dashboard.
  • You can select any of the failing assessments that appear in the dashboard to view the details for that recommendation. Each recommendation includes a set of remediation steps to resolve the issue.
  • From there, you can select any of the failing assessments that appear in the dashboard to view the details for that recommendation. Each recommendation includes a set of remediation steps to resolve the issue.

Add a standard to your Azure resources

To add standards to your dashboard:

  • The subscription must have Defender for Cloud’s enhanced security features enabled
  • The user must have owner or policy contributor permissions
  1. Open Defender for Cloud and then browse to Regulatory Compliance and Manage Policies

2. Select the Subscrition:

3. Browse to Policies and add Standards:

4. Add the required ones:

5. Review and Create:

6. To assign the initiative, hit assign and apply on the Subscription or RG level.

What regulatory compliance standards are available in Defender for Cloud?

By default, every Azure subscription has the Azure Security Benchmark assigned.

Available regulatory standards:

  • PCI-DSS v3.2.1:2018
  • SOC TSP
  • NIST SP 800-53 R4
  • NIST SP 800 171 R2
  • UK OFFICIAL and UK NHS
  • Canada Federal PBMM
  • Azure CIS 1.1.0
  • HIPAA/HITRUST
  • SWIFT CSP CSCF v2020
  • ISO 27001:2013
  • New Zealand ISM Restricted
  • CMMC Level 3
  • Azure CIS 1.3.0
  • NIST SP 800-53 R5
  • FedRAMP H
  • FedRAMP M

Available AWS regulatory standards:

  • AWS CIS 1.2.0
  • AWS PCI DSS 3.2.1

GCP compliance frameworks:

Available GCP regulatory standards:

  • GCP CIS 1.1.0
  • GCP CIS 1.2.0
  • GCP ISO 27001
  • GCP NIST 800 53
  • PCI DSS 3.2.1

Arnav Sharma
Arnav Sharma Microsoft MVPMCT
Microsoft Certified Trainer · Cloud · Cybersecurity · AI

I help organisations secure their cloud infrastructure and stay ahead of evolving cyber threats. Microsoft MVP and Certified Trainer, author of Mastering Azure Security, and founder of arnav.au — a platform for practical Cloud, Cybersecurity, DevOps and AI content.

Frequently Asked Questions

KEEP READING

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.