September 23, 2024, Conformity—Rule Update
Azure
- Sql-009: Enable Vulnerability Assessment Email Notifications for Admins and Subscription Owners:
- Sql-017: Enable Vulnerability Assessment for Microsoft SQL Servers:
- Sql-018: Enable Vulnerability Assessment Periodic Recurring Scans: Updated this rule to a not scored rule. Azure supports vulnerability assessment with `express` and `classic` configurations. Express configuration is now the default procedure and there is no need to configure notification setting with the email addresses. There is no way to check if the vulnerability assessment configuration is `express` or `classic` via API.