Change log: CIS Microsoft Azure Foundations Benchmark
As of 16 June 2025, you cannot create new instances in this version of this product. All of the functionality is now available in the updated experience of Security and Compliance Center Workload Protection. For more information, see the transition documentation.
In this change log, you can learn about the latest changes, improvements, and updates for the CIS Microsoft Azure Foundations Benchmark profile. The change log lists changes that were made, ordered by the version number.
To work with this profile, you must connect an instance of Workload Protection.
Profile versioning
When specifications or controls are edited, removed from, or added to a profile in a way that is not compatible with the current version, a new version is released. To take advantage of the changes in a new version, update your attachments to use the newest profile version.
This profile is consistently updated and is not an exhaustive list of all the controls that might be required for every organization. Be sure to validate the available controls to determine where you might need to supplement your workloads with other security measures.
Version summary
The following table details the release dates and status of each profile version.
New attachments cannot be created on deprecated profile versions. Select the most recent version to use for your evaluation.
Version number | Release date | Status |
---|---|---|
Version 1.1.0 | 2023-10-17 |
Active |
Version 1.0.0 | 2023-07-14 |
Active |
Version 1.1.0
- Now available
- As of 17 October 2023, the control hierarchy in the CIS Microsoft Azure Foundations Benchmark profile has changed. Assessments have been remapped so that a single assessment is mapped to a single specification. No new assessments were added.
Version 1.0.0
- Now available
- Released today, 14 July 2023, the CIS Microsoft Azure Foundations Benchmark is a collection of controls designed to validate the configuration of your Kubernetes Service clusters. This profile is evaluated by using
wp-rule
assessments. These are assessments that are defined by the Workload Protection service and imported into Security and Compliance Center.