Document Details
Control Mapping
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
windows_first
⚠️
missing_linux_example
⚠️
windows_tools
Summary:
The documentation page demonstrates a Windows bias by frequently referencing Windows-specific audit results, tools, and extensions (such as the Microsoft IaaSAntimalware extension and auditing of Windows VMs) without providing equivalent Linux examples or mentioning Linux tools. In several controls, only Windows VMs or Windows web servers are mentioned for auditing or compliance, while Linux systems are addressed less frequently and with less detail. Endpoint protection and antivirus guidance is Windows-centric, and there is a lack of parity in examples or recommendations for Linux environments.
Recommendations:
- For every control or recommendation that references Windows VMs, provide equivalent guidance and examples for Linux VMs (e.g., auditing sudoers or root group membership, using Linux-compatible antimalware solutions).
- When mentioning deployment of prerequisites or audit results for Windows, include parallel instructions or references for Linux (e.g., using Azure's Log Analytics Agent on Linux, or Linux security extensions).
- List Linux and Windows examples together, or alternate which platform is mentioned first, to avoid the impression of Windows being the default or primary platform.
- For antivirus and endpoint protection, specify recommended solutions for Linux VMs and virtual machine scale sets, not just Windows.
- Where possible, generalize recommendations to cover both Windows and Linux, or explicitly state when a control is applicable to one OS only.
- Ensure that all Azure Policy definitions and compliance checks referenced are available and documented for both Windows and Linux environments.
Create pull request