Auto-Remediation of SharePoint Incidents
Auto-Remediation is a triggered response to a policy violation. It is an automated approach to security, applying the appropriate response to a vulnerability in your SharePoint deployment. It ensures a high level of functionality by continuously monitoring risks. And it automatically remediates policy violation issues and reduces the window of malicious opportunity.
SharePoint Config Audit policies support both manual remediation and Auto-Remediation. You can choose the required remediation to reduce malicious activities on your SharePoint application.
- For manual remediation, update the response action manually on the Incidents cloud card.
- For auto-remediation, configure auto-remediation in the Config Audit policy, and the response action automatically triggers and remediates the policy violation.
Supported Remediation Actions
These are the supported remediation actions for SharePoint for the supported policy templates.
Remediation Actions |
Policy Templates |
---|---|
Email Notification | All SharePoint policy templates |
Enable configuration at global level |
|
Configure Auto-Remediation
You can add Auto-Remediation to the selected SharePoint policies. Changes are not applied retroactively.
To add an auto-remediation response:
- Choose Policy > Configuration Audit.
- To customize the affected policy, click Edit.
- Under Response, select Edit.
- You are redirected to the following screen. To add the responses, click Add.
- Select the required responses from the list and click Next.
- Verify the selected response is shown under Responses and click Done.