Download MonitorControl For Mac 3.1.1
Posted : admin On 1/24/2022Nov 16, 2021 Download the latest version of Drive Genius for Mac for free. Read 283 user reviews and compare with similar apps on MacUpdate. Download Blurb BookSmart 3.1.1 for Mac for free, without any viruses, from Uptodown. Try the latest version of Blurb BookSmart for Mac. Hudson 3.1.2 is available for early testing. This release is a small bugfix release addressing some high priority issues encountered in 3.1.1. The release candidate can be obtained from the downloads page. Hudson 3.1.1 Available for Download. The Hudson Team are pleased to announce the availability of the 3.1.1 release. Globalprotect 3.1 1 Download Mac Os Mac Globalprotect Uninstall GlobalProtect for Android connects to a GlobalProtect gateway on a Palo Alto Networks next-generation firewall allowing mobile users to benefit from the protection of enterprise security.
-->The following article details how the Azure Policy Regulatory Compliance built-in initiativedefinition maps to compliance domains and controls in NIST SP 800-171 R2.For more information about this compliance standard, seeNIST SP 800-171 R2. To understandOwnership, see Azure Policy policy definition andShared responsibility in the cloud.
The following mappings are to the NIST SP 800-171 R2 controls. Use thenavigation on the right to jump directly to a specific compliance domain. Many of the controlsare implemented with an Azure Policy initiative definition. To review the completeinitiative definition, open Policy in the Azure portal and select the Definitions page.Then, find and select the NIST SP 800-171 R2 Regulatory Compliance built-ininitiative definition.
Important
Each control below is associated with one or more Azure Policy definitions.These policies may help you assess compliance with thecontrol; however, there often is not a one-to-one or complete match between a control and one ormore policies. As such, Compliant in Azure Policy refers only to the policy definitionsthemselves; this doesn't ensure you're fully compliant with all requirements of a control. Inaddition, the compliance standard includes controls that aren't addressed by any Azure Policydefinitions at this time. Therefore, compliance in Azure Policy is only a partial view of youroverall compliance status. The associations between compliance domains, controls, and Azure Policydefinitions for this compliance standard may change over time. To view the change history, see theGitHub Commit History.
Access Control
Limit system access to authorized users, processes acting on behalf of authorized users, and devices (including other systems).
ID: NIST SP 800-171 R2 3.1.1Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration but do not have any managed identities. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration and have at least one user-assigned identity but do not have a system-assigned managed identity. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Audit Linux machines that allow remote connections from accounts without passwords | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Linux machines that allow remote connections from accounts without passwords | AuditIfNotExists, Disabled | 1.0.0 |
| Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs | This policy deploys the Windows Guest Configuration extension to Windows virtual machines hosted in Azure that are supported by Guest Configuration. The Windows Guest Configuration extension is a prerequisite for all Windows Guest Configuration assignments and must be deployed to machines before using any Windows Guest Configuration policy definition. For more information on Guest Configuration, visit https://aka.ms/gcpol. | deployIfNotExists | 1.0.1 |
| Deprecated accounts should be removed from your subscription | Deprecated accounts should be removed from your subscriptions. Deprecated accounts are accounts that have been blocked from signing in. | AuditIfNotExists, Disabled | 3.0.0 |
| Deprecated accounts with owner permissions should be removed from your subscription | Deprecated accounts with owner permissions should be removed from your subscription. Deprecated accounts are accounts that have been blocked from signing in. | AuditIfNotExists, Disabled | 3.0.0 |
| External accounts with owner permissions should be removed from your subscription | External accounts with owner permissions should be removed from your subscription in order to prevent unmonitored access. | AuditIfNotExists, Disabled | 3.0.0 |
| External accounts with read permissions should be removed from your subscription | External accounts with read privileges should be removed from your subscription in order to prevent unmonitored access. | AuditIfNotExists, Disabled | 3.0.0 |
| External accounts with write permissions should be removed from your subscription | External accounts with write privileges should be removed from your subscription in order to prevent unmonitored access. | AuditIfNotExists, Disabled | 3.0.0 |
| Remote debugging should be turned off for API Apps | Remote debugging requires inbound ports to be opened on API apps. Remote debugging should be turned off. | AuditIfNotExists, Disabled | 1.0.0 |
| Remote debugging should be turned off for Function Apps | Remote debugging requires inbound ports to be opened on function apps. Remote debugging should be turned off. | AuditIfNotExists, Disabled | 1.0.0 |
| Remote debugging should be turned off for Web Applications | Remote debugging requires inbound ports to be opened on a web application. Remote debugging should be turned off. | AuditIfNotExists, Disabled | 1.0.0 |
| Storage accounts should restrict network access | Network access to storage accounts should be restricted. Configure network rules so only applications from allowed networks can access the storage account. To allow connections from specific internet or on-premises clients, access can be granted to traffic from specific Azure virtual networks or to public internet IP address ranges | Audit, Deny, Disabled | 1.1.1 |
| Windows machines should meet requirements for 'Security Options - Network Security' | Windows machines should have the specified Group Policy settings in the category 'Security Options - Network Security' for including Local System behavior, PKU2U, LAN Manager, LDAP client, and NTLM SSP. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. | AuditIfNotExists, Disabled | 2.0.0 |
Control the flow of CUI in accordance with approved authorizations.
ID: NIST SP 800-171 R2 3.1.3Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| CORS should not allow every resource to access your Web Applications | Cross-Origin Resource Sharing (CORS) should not allow all domains to access your web application. Allow only required domains to interact with your web app. | AuditIfNotExists, Disabled | 1.0.0 |
Separate the duties of individuals to reduce the risk of malevolent activity without collusion.
ID: NIST SP 800-171 R2 3.1.4Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| A maximum of 3 owners should be designated for your subscription | It is recommended to designate up to 3 subscription owners in order to reduce the potential for breach by a compromised owner. | AuditIfNotExists, Disabled | 3.0.0 |
| Audit Windows machines missing any of specified members in the Administrators group | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if the local Administrators group does not contain one or more members that are listed in the policy parameter. | auditIfNotExists | 1.0.0 |
| Audit Windows machines that have the specified members in the Administrators group | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if the local Administrators group contains one or more of the members listed in the policy parameter. | auditIfNotExists | 1.0.0 |
| There should be more than one owner assigned to your subscription | It is recommended to designate more than one subscription owner in order to have administrator access redundancy. | AuditIfNotExists, Disabled | 3.0.0 |
Monitor and control remote access sessions.
ID: NIST SP 800-171 R2 3.1.12Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration but do not have any managed identities. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration and have at least one user-assigned identity but do not have a system-assigned managed identity. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Audit Linux machines that allow remote connections from accounts without passwords | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Linux machines that allow remote connections from accounts without passwords | AuditIfNotExists, Disabled | 1.0.0 |
| Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs | This policy deploys the Windows Guest Configuration extension to Windows virtual machines hosted in Azure that are supported by Guest Configuration. The Windows Guest Configuration extension is a prerequisite for all Windows Guest Configuration assignments and must be deployed to machines before using any Windows Guest Configuration policy definition. For more information on Guest Configuration, visit https://aka.ms/gcpol. | deployIfNotExists | 1.0.1 |
| Remote debugging should be turned off for API Apps | Remote debugging requires inbound ports to be opened on API apps. Remote debugging should be turned off. | AuditIfNotExists, Disabled | 1.0.0 |
| Remote debugging should be turned off for Function Apps | Remote debugging requires inbound ports to be opened on function apps. Remote debugging should be turned off. | AuditIfNotExists, Disabled | 1.0.0 |
| Remote debugging should be turned off for Web Applications | Remote debugging requires inbound ports to be opened on a web application. Remote debugging should be turned off. | AuditIfNotExists, Disabled | 1.0.0 |
| Storage accounts should restrict network access | Network access to storage accounts should be restricted. Configure network rules so only applications from allowed networks can access the storage account. To allow connections from specific internet or on-premises clients, access can be granted to traffic from specific Azure virtual networks or to public internet IP address ranges | Audit, Deny, Disabled | 1.1.1 |
| Windows machines should meet requirements for 'Security Options - Network Security' | Windows machines should have the specified Group Policy settings in the category 'Security Options - Network Security' for including Local System behavior, PKU2U, LAN Manager, LDAP client, and NTLM SSP. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. | AuditIfNotExists, Disabled | 2.0.0 |
Audit and Accountability
Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.
ID: NIST SP 800-171 R2 3.3.1Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Audit diagnostic setting | Audit diagnostic setting for selected resource types | AuditIfNotExists | 1.0.0 |
| Auditing on SQL server should be enabled | Auditing on your SQL Server should be enabled to track database activities across all databases on the server and save them in an audit log. | AuditIfNotExists, Disabled | 2.0.0 |
| Azure Defender for SQL should be enabled for unprotected Azure SQL servers | Audit SQL servers without Advanced Data Security | AuditIfNotExists, Disabled | 2.0.1 |
| Azure Defender for SQL should be enabled for unprotected SQL Managed Instances | Audit each SQL Managed Instance without advanced data security. | AuditIfNotExists, Disabled | 1.0.2 |
| Log Analytics Agent should be enabled for listed virtual machine images | Reports virtual machines as non-compliant if the virtual machine image is not in the list defined and the agent is not installed. | AuditIfNotExists, Disabled | 2.0.0-preview |
| Log Analytics agent should be enabled in virtual machine scale sets for listed virtual machine images | Reports virtual machine scale sets as non-compliant if the virtual machine image is not in the list defined and the agent is not installed. | AuditIfNotExists, Disabled | 2.0.0 |
| The Log Analytics agent should be installed on Virtual Machine Scale Sets | This policy audits any Windows/Linux Virtual Machine Scale Sets if the Log Analytics agent is not installed. | AuditIfNotExists, Disabled | 1.0.0 |
| The Log Analytics agent should be installed on virtual machines | This policy audits any Windows/Linux virtual machines if the Log Analytics agent is not installed. | AuditIfNotExists, Disabled | 1.0.0 |
| Virtual machines should be connected to a specified workspace | Reports virtual machines as non-compliant if they aren't logging to the Log Analytics workspace specified in the policy/initiative assignment. | AuditIfNotExists, Disabled | 1.1.0 |
Ensure that the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions.
ID: NIST SP 800-171 R2 3.3.2Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Audit diagnostic setting | Audit diagnostic setting for selected resource types | AuditIfNotExists | 1.0.0 |
| Auditing on SQL server should be enabled | Auditing on your SQL Server should be enabled to track database activities across all databases on the server and save them in an audit log. | AuditIfNotExists, Disabled | 2.0.0 |
| Azure Defender for SQL should be enabled for unprotected Azure SQL servers | Audit SQL servers without Advanced Data Security | AuditIfNotExists, Disabled | 2.0.1 |
| Azure Defender for SQL should be enabled for unprotected SQL Managed Instances | Audit each SQL Managed Instance without advanced data security. | AuditIfNotExists, Disabled | 1.0.2 |
| Log Analytics Agent should be enabled for listed virtual machine images | Reports virtual machines as non-compliant if the virtual machine image is not in the list defined and the agent is not installed. | AuditIfNotExists, Disabled | 2.0.0-preview |
| Log Analytics agent should be enabled in virtual machine scale sets for listed virtual machine images | Reports virtual machine scale sets as non-compliant if the virtual machine image is not in the list defined and the agent is not installed. | AuditIfNotExists, Disabled | 2.0.0 |
| The Log Analytics agent should be installed on Virtual Machine Scale Sets | This policy audits any Windows/Linux Virtual Machine Scale Sets if the Log Analytics agent is not installed. | AuditIfNotExists, Disabled | 1.0.0 |
| The Log Analytics agent should be installed on virtual machines | This policy audits any Windows/Linux virtual machines if the Log Analytics agent is not installed. | AuditIfNotExists, Disabled | 1.0.0 |
| Virtual machines should be connected to a specified workspace | Reports virtual machines as non-compliant if they aren't logging to the Log Analytics workspace specified in the policy/initiative assignment. | AuditIfNotExists, Disabled | 1.1.0 |
Alert in the event of an audit logging process failure.
ID: NIST SP 800-171 R2 3.3.4Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Audit diagnostic setting | Audit diagnostic setting for selected resource types | AuditIfNotExists | 1.0.0 |
| Auditing on SQL server should be enabled | Auditing on your SQL Server should be enabled to track database activities across all databases on the server and save them in an audit log. | AuditIfNotExists, Disabled | 2.0.0 |
| Azure Defender for SQL should be enabled for unprotected Azure SQL servers | Audit SQL servers without Advanced Data Security | AuditIfNotExists, Disabled | 2.0.1 |
| Azure Defender for SQL should be enabled for unprotected SQL Managed Instances | Audit each SQL Managed Instance without advanced data security. | AuditIfNotExists, Disabled | 1.0.2 |
Configuration Management
Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.
ID: NIST SP 800-171 R2 3.4.7Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Adaptive application controls for defining safe applications should be enabled on your machines | Enable application controls to define the list of known-safe applications running on your machines, and alert you when other applications run. This helps harden your machines against malware. To simplify the process of configuring and maintaining your rules, Security Center uses machine learning to analyze the applications running on each machine and suggest the list of known-safe applications. | AuditIfNotExists, Disabled | 3.0.0 |
Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permit-by-exception (whitelisting) policy to allow the execution of authorized software.
ID: NIST SP 800-171 R2 3.4.8Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Adaptive application controls for defining safe applications should be enabled on your machines | Enable application controls to define the list of known-safe applications running on your machines, and alert you when other applications run. This helps harden your machines against malware. To simplify the process of configuring and maintaining your rules, Security Center uses machine learning to analyze the applications running on each machine and suggest the list of known-safe applications. | AuditIfNotExists, Disabled | 3.0.0 |
Control and monitor user-installed software.
ID: NIST SP 800-171 R2 3.4.9Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Adaptive application controls for defining safe applications should be enabled on your machines | Enable application controls to define the list of known-safe applications running on your machines, and alert you when other applications run. This helps harden your machines against malware. To simplify the process of configuring and maintaining your rules, Security Center uses machine learning to analyze the applications running on each machine and suggest the list of known-safe applications. | AuditIfNotExists, Disabled | 3.0.0 |
Identification and Authentication
Identify system users, processes acting on behalf of users, and devices.
ID: NIST SP 800-171 R2 3.5.1Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| MFA should be enabled accounts with write permissions on your subscription | Multi-Factor Authentication (MFA) should be enabled for all subscription accounts with write privileges to prevent a breach of accounts or resources. | AuditIfNotExists, Disabled | 3.0.0 |
| MFA should be enabled on accounts with owner permissions on your subscription | Multi-Factor Authentication (MFA) should be enabled for all subscription accounts with owner permissions to prevent a breach of accounts or resources. | AuditIfNotExists, Disabled | 3.0.0 |
Authenticate (or verify) the identities of users, processes, or devices, as a prerequisite to allowing access to organizational systems.
ID: NIST SP 800-171 R2 3.5.2Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration but do not have any managed identities. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration and have at least one user-assigned identity but do not have a system-assigned managed identity. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Audit Linux machines that have accounts without passwords | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Linux machines that have accounts without passwords | AuditIfNotExists, Disabled | 1.0.0 |
| Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs | This policy deploys the Windows Guest Configuration extension to Windows virtual machines hosted in Azure that are supported by Guest Configuration. The Windows Guest Configuration extension is a prerequisite for all Windows Guest Configuration assignments and must be deployed to machines before using any Windows Guest Configuration policy definition. For more information on Guest Configuration, visit https://aka.ms/gcpol. | deployIfNotExists | 1.0.1 |
| Windows machines should meet requirements for 'Security Options - Network Security' | Windows machines should have the specified Group Policy settings in the category 'Security Options - Network Security' for including Local System behavior, PKU2U, LAN Manager, LDAP client, and NTLM SSP. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. | AuditIfNotExists, Disabled | 2.0.0 |
Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.
ID: NIST SP 800-171 R2 3.5.3Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| MFA should be enabled accounts with write permissions on your subscription | Multi-Factor Authentication (MFA) should be enabled for all subscription accounts with write privileges to prevent a breach of accounts or resources. | AuditIfNotExists, Disabled | 3.0.0 |
| MFA should be enabled on accounts with owner permissions on your subscription | Multi-Factor Authentication (MFA) should be enabled for all subscription accounts with owner permissions to prevent a breach of accounts or resources. | AuditIfNotExists, Disabled | 3.0.0 |
| MFA should be enabled on accounts with read permissions on your subscription | Multi-Factor Authentication (MFA) should be enabled for all subscription accounts with read privileges to prevent a breach of accounts or resources. | AuditIfNotExists, Disabled | 3.0.0 |
Enforce a minimum password complexity and change of characters when new passwords are created.
ID: NIST SP 800-171 R2 3.5.7Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration but do not have any managed identities. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration and have at least one user-assigned identity but do not have a system-assigned managed identity. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Audit Linux machines that have accounts without passwords | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Linux machines that have accounts without passwords | AuditIfNotExists, Disabled | 1.0.0 |
| Audit Windows machines that do not have the password complexity setting enabled | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Windows machines that do not have the password complexity setting enabled | AuditIfNotExists, Disabled | 1.0.0 |
| Audit Windows machines that do not restrict the minimum password length to 14 characters | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Windows machines that do not restrict the minimum password length to 14 characters | AuditIfNotExists, Disabled | 1.0.0 |
| Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs | This policy deploys the Windows Guest Configuration extension to Windows virtual machines hosted in Azure that are supported by Guest Configuration. The Windows Guest Configuration extension is a prerequisite for all Windows Guest Configuration assignments and must be deployed to machines before using any Windows Guest Configuration policy definition. For more information on Guest Configuration, visit https://aka.ms/gcpol. | deployIfNotExists | 1.0.1 |
| Windows machines should meet requirements for 'Security Options - Network Security' | Windows machines should have the specified Group Policy settings in the category 'Security Options - Network Security' for including Local System behavior, PKU2U, LAN Manager, LDAP client, and NTLM SSP. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. | AuditIfNotExists, Disabled | 2.0.0 |
Prohibit password reuse for a specified number of generations.
ID: NIST SP 800-171 R2 3.5.8Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration but do not have any managed identities. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration and have at least one user-assigned identity but do not have a system-assigned managed identity. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Audit Windows machines that allow re-use of the previous 24 passwords | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Windows machines that allow re-use of the previous 24 passwords | AuditIfNotExists, Disabled | 1.0.0 |
| Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs | This policy deploys the Windows Guest Configuration extension to Windows virtual machines hosted in Azure that are supported by Guest Configuration. The Windows Guest Configuration extension is a prerequisite for all Windows Guest Configuration assignments and must be deployed to machines before using any Windows Guest Configuration policy definition. For more information on Guest Configuration, visit https://aka.ms/gcpol. | deployIfNotExists | 1.0.1 |
| Windows machines should meet requirements for 'Security Options - Network Security' | Windows machines should have the specified Group Policy settings in the category 'Security Options - Network Security' for including Local System behavior, PKU2U, LAN Manager, LDAP client, and NTLM SSP. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. | AuditIfNotExists, Disabled | 2.0.0 |
Store and transmit only cryptographically-protected passwords.
ID: NIST SP 800-171 R2 3.5.10Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration but do not have any managed identities. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity | This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration and have at least one user-assigned identity but do not have a system-assigned managed identity. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol. | modify | 1.0.0 |
| Audit Linux machines that do not have the passwd file permissions set to 0644 | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Linux machines that do not have the passwd file permissions set to 0644 | AuditIfNotExists, Disabled | 1.0.0 |
| Audit Windows machines that do not store passwords using reversible encryption | Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if Windows machines that do not store passwords using reversible encryption | AuditIfNotExists, Disabled | 1.0.0 |
| Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs | This policy deploys the Windows Guest Configuration extension to Windows virtual machines hosted in Azure that are supported by Guest Configuration. The Windows Guest Configuration extension is a prerequisite for all Windows Guest Configuration assignments and must be deployed to machines before using any Windows Guest Configuration policy definition. For more information on Guest Configuration, visit https://aka.ms/gcpol. | deployIfNotExists | 1.0.1 |
| Windows machines should meet requirements for 'Security Options - Network Security' | Windows machines should have the specified Group Policy settings in the category 'Security Options - Network Security' for including Local System behavior, PKU2U, LAN Manager, LDAP client, and NTLM SSP. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. | AuditIfNotExists, Disabled | 2.0.0 |
Risk Assessment
Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified.
ID: NIST SP 800-171 R2 3.11.2Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| A vulnerability assessment solution should be enabled on your virtual machines | Audits virtual machines to detect whether they are running a supported vulnerability assessment solution. A core component of every cyber risk and security program is the identification and analysis of vulnerabilities. Azure Security Center's standard pricing tier includes vulnerability scanning for your virtual machines at no extra cost. Additionally, Security Center can automatically deploy this tool for you. | AuditIfNotExists, Disabled | 3.0.0 |
| Azure Defender for SQL should be enabled for unprotected Azure SQL servers | Audit SQL servers without Advanced Data Security | AuditIfNotExists, Disabled | 2.0.1 |
| Azure Defender for SQL should be enabled for unprotected SQL Managed Instances | Audit each SQL Managed Instance without advanced data security. | AuditIfNotExists, Disabled | 1.0.2 |
| SQL databases should have vulnerability findings resolved | Monitor vulnerability assessment scan results and recommendations for how to remediate database vulnerabilities. | AuditIfNotExists, Disabled | 4.0.0 |
| Vulnerabilities in container security configurations should be remediated | Audit vulnerabilities in security configuration on machines with Docker installed and display as recommendations in Azure Security Center. | AuditIfNotExists, Disabled | 3.0.0 |
| Vulnerabilities in security configuration on your machines should be remediated | Servers which do not satisfy the configured baseline will be monitored by Azure Security Center as recommendations | AuditIfNotExists, Disabled | 3.0.0 |
| Vulnerabilities in security configuration on your virtual machine scale sets should be remediated | Audit the OS vulnerabilities on your virtual machine scale sets to protect them from attacks. | AuditIfNotExists, Disabled | 3.0.0 |
System and Communications Protection
Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems.
ID: NIST SP 800-171 R2 3.13.1Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Adaptive network hardening recommendations should be applied on internet facing virtual machines | Azure Security Center analyzes the traffic patterns of Internet facing virtual machines and provides Network Security Group rule recommendations that reduce the potential attack surface | AuditIfNotExists, Disabled | 3.0.0 |
| All network ports should be restricted on network security groups associated to your virtual machine | Azure Security Center has identified some of your network security groups' inbound rules to be too permissive. Inbound rules should not allow access from 'Any' or 'Internet' ranges. This can potentially enable attackers to target your resources. | AuditIfNotExists, Disabled | 3.0.0 |
| API App should only be accessible over HTTPS | Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks. | Audit, Disabled | 1.0.0 |
| Function App should only be accessible over HTTPS | Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks. | Audit, Disabled | 1.0.0 |
| Latest TLS version should be used in your API App | Upgrade to the latest TLS version | AuditIfNotExists, Disabled | 1.0.0 |
| Latest TLS version should be used in your Function App | Upgrade to the latest TLS version | AuditIfNotExists, Disabled | 1.0.0 |
| Latest TLS version should be used in your Web App | Upgrade to the latest TLS version | AuditIfNotExists, Disabled | 1.0.0 |
| Only secure connections to your Azure Cache for Redis should be enabled | Audit enabling of only connections via SSL to Azure Cache for Redis. Use of secure connections ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking | Audit, Deny, Disabled | 1.0.0 |
| Secure transfer to storage accounts should be enabled | Audit requirement of Secure transfer in your storage account. Secure transfer is an option that forces your storage account to accept requests only from secure connections (HTTPS). Use of HTTPS ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking | Audit, Deny, Disabled | 2.0.0 |
| Storage accounts should restrict network access | Network access to storage accounts should be restricted. Configure network rules so only applications from allowed networks can access the storage account. To allow connections from specific internet or on-premises clients, access can be granted to traffic from specific Azure virtual networks or to public internet IP address ranges | Audit, Deny, Disabled | 1.1.1 |
| Web Application should only be accessible over HTTPS | Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks. | Audit, Disabled | 1.0.0 |
| Windows web servers should be configured to use secure communication protocols | To protect the privacy of information communicated over the Internet, your web servers should use the latest version of the industry-standard cryptographic protocol, Transport Layer Security (TLS). TLS secures communications over a network by using security certificates to encrypt a connection between machines. | AuditIfNotExists, Disabled | 3.0.0 |
Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks.
ID: NIST SP 800-171 R2 3.13.5Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Adaptive network hardening recommendations should be applied on internet facing virtual machines | Azure Security Center analyzes the traffic patterns of Internet facing virtual machines and provides Network Security Group rule recommendations that reduce the potential attack surface | AuditIfNotExists, Disabled | 3.0.0 |
| All network ports should be restricted on network security groups associated to your virtual machine | Azure Security Center has identified some of your network security groups' inbound rules to be too permissive. Inbound rules should not allow access from 'Any' or 'Internet' ranges. This can potentially enable attackers to target your resources. | AuditIfNotExists, Disabled | 3.0.0 |
| Internet-facing virtual machines should be protected with network security groups | Protect your virtual machines from potential threats by restricting access to them with network security groups (NSG). Learn more about controlling traffic with NSGs at https://aka.ms/nsg-doc | AuditIfNotExists, Disabled | 3.0.0 |
| Storage accounts should restrict network access | Network access to storage accounts should be restricted. Configure network rules so only applications from allowed networks can access the storage account. To allow connections from specific internet or on-premises clients, access can be granted to traffic from specific Azure virtual networks or to public internet IP address ranges | Audit, Deny, Disabled | 1.1.1 |
Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards.
ID: NIST SP 800-171 R2 3.13.8Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| API App should only be accessible over HTTPS | Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks. | Audit, Disabled | 1.0.0 |
| Function App should only be accessible over HTTPS | Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks. | Audit, Disabled | 1.0.0 |
| Only secure connections to your Azure Cache for Redis should be enabled | Audit enabling of only connections via SSL to Azure Cache for Redis. Use of secure connections ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking | Audit, Deny, Disabled | 1.0.0 |
| Secure transfer to storage accounts should be enabled | Audit requirement of Secure transfer in your storage account. Secure transfer is an option that forces your storage account to accept requests only from secure connections (HTTPS). Use of HTTPS ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking | Audit, Deny, Disabled | 2.0.0 |
| Web Application should only be accessible over HTTPS | Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks. | Audit, Disabled | 1.0.0 |
| Windows web servers should be configured to use secure communication protocols | To protect the privacy of information communicated over the Internet, your web servers should use the latest version of the industry-standard cryptographic protocol, Transport Layer Security (TLS). TLS secures communications over a network by using security certificates to encrypt a connection between machines. | AuditIfNotExists, Disabled | 3.0.0 |
Protect the confidentiality of CUI at rest.
ID: NIST SP 800-171 R2 3.13.16Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Azure Defender for SQL should be enabled for unprotected Azure SQL servers | Audit SQL servers without Advanced Data Security | AuditIfNotExists, Disabled | 2.0.1 |
| Azure Defender for SQL should be enabled for unprotected SQL Managed Instances | Audit each SQL Managed Instance without advanced data security. | AuditIfNotExists, Disabled | 1.0.2 |
| Transparent Data Encryption on SQL databases should be enabled | Transparent data encryption should be enabled to protectt encrypted. Disregard this recommendation if: 1. using encryption-at-host, or 2. server-side encryption on Managed Disks meets your security requirements. Learn more in Server-side encryption of Azure Disk Storage and Different disk encryption offerings. | AuditIfNotExists, Disabled | 2.0.2 |
System and Information Integrity
Identify, report, and correct system flaws in a timely manner.
ID: NIST SP 800-171 R2 3.14.1Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| A vulnerability assessment solution should be enabled on your virtual machines | Audits virtual machines to detect whether they are running a supported vulnerability assessment solution. A core component of every cyber risk and security program is the identification and analysis of vulnerabilities. Azure Security Center's standard pricing tier includes vulnerability scanning for your virtual machines at no extra cost. Additionally, Security Center can automatically deploy this tool for you. | AuditIfNotExists, Disabled | 3.0.0 |
| Ensure that 'HTTP Version' is the latest, if used to run the API app | Periodically, newer versions are released for HTTP either due to security flaws or to include additional functionality. Using the latest HTTP version for web apps to take advantage of security fixes, if any, and/or new functionalities of the newer version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.0.0 |
| Ensure that 'HTTP Version' is the latest, if used to run the Function app | Periodically, newer versions are released for HTTP either due to security flaws or to include additional functionality. Using the latest HTTP version for web apps to take advantage of security fixes, if any, and/or new functionalities of the newer version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.0.0 |
| Ensure that 'HTTP Version' is the latest, if used to run the Web app | Periodically, newer versions are released for HTTP either due to security flaws or to include additional functionality. Using the latest HTTP version for web apps to take advantage of security fixes, if any, and/or new functionalities of the newer version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.0.0 |
| Ensure that 'Java version' is the latest, if used as a part of the API app | Periodically, newer versions are released for Java either due to security flaws or to include additional functionality. Using the latest Python version for API apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.0.0 |
| Ensure that 'Java version' is the latest, if used as a part of the Function app | Periodically, newer versions are released for Java software either due to security flaws or to include additional functionality. Using the latest Java version for Function apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.0.0 |
| Ensure that 'Java version' is the latest, if used as a part of the Web app | Periodically, newer versions are released for Java software either due to security flaws or to include additional functionality. Using the latest Java version for web apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.0.0 |
| Ensure that 'PHP version' is the latest, if used as a part of the API app | Periodically, newer versions are released for PHP software either due to security flaws or to include additional functionality. Using the latest PHP version for API apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.1.0 |
| Ensure that 'PHP version' is the latest, if used as a part of the WEB app | Periodically, newer versions are released for PHP software either due to security flaws or to include additional functionality. Using the latest PHP version for web apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 2.1.0 |
| Ensure that 'Python version' is the latest, if used as a part of the API app | Periodically, newer versions are released for Python software either due to security flaws or to include additional functionality. Using the latest Python version for API apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 3.0.0 |
| Ensure that 'Python version' is the latest, if used as a part of the Function app | Periodically, newer versions are released for Python software either due to security flaws or to include additional functionality. Using the latest Python version for Function apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 3.0.0 |
| Ensure that 'Python version' is the latest, if used as a part of the Web app | Periodically, newer versions are released for Python software either due to security flaws or to include additional functionality. Using the latest Python version for web apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps. | AuditIfNotExists, Disabled | 3.0.0 |
| Kubernetes Services should be upgraded to a non-vulnerable Kubernetes version | Upgrade your Kubernetes service cluster to a later Kubernetes version to protect against known vulnerabilities in your current Kubernetes version. Vulnerability CVE-2019-9946 has been patched in Kubernetes versions 1.11.9+, 1.12.7+, 1.13.5+, and 1.14.0+ | Audit, Disabled | 1.0.2 |
| Latest TLS version should be used in your API App | Upgrade to the latest TLS version | AuditIfNotExists, Disabled | 1.0.0 |
| Latest TLS version should be used in your Function App | Upgrade to the latest TLS version | AuditIfNotExists, Disabled | 1.0.0 |
| Latest TLS version should be used in your Web App | Upgrade to the latest TLS version | AuditIfNotExists, Disabled | 1.0.0 |
| SQL databases should have vulnerability findings resolved | Monitor vulnerability assessment scan results and recommendations for how to remediate database vulnerabilities. | AuditIfNotExists, Disabled | 4.0.0 |
| System updates on virtual machine scale sets should be installed | Audit whether there are any missing system security updates and critical updates that should be installed to ensure that your Windows and Linux virtual machine scale sets are secure. | AuditIfNotExists, Disabled | 3.0.0 |
| System updates should be installed on your machines | Missing security system updates on your servers will be monitored by Azure Security Center as recommendations | AuditIfNotExists, Disabled | 4.0.0 |
| Vulnerabilities in security configuration on your machines should be remediated | Servers which do not satisfy the configured baseline will be monitored by Azure Security Center as recommendations | AuditIfNotExists, Disabled | 3.0.0 |
| Vulnerabilities in security configuration on your virtual machine scale sets should be remediated | Audit the OS vulnerabilities on your virtual machine scale sets to protect them from attacks. | AuditIfNotExists, Disabled | 3.0.0 |
Provide protection from malicious code at designated locations within organizational systems.
ID: NIST SP 800-171 R2 3.14.2Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Endpoint protection solution should be installed on virtual machine scale sets | Audit the existence and health of an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities. | AuditIfNotExists, Disabled | 3.0.0 |
| Microsoft IaaSAntimalware extension should be deployed on Windows servers | This policy audits any Windows server VM without Microsoft IaaSAntimalware extension deployed. | AuditIfNotExists, Disabled | 1.0.0 |
| Monitor missing Endpoint Protection in Azure Security Center | Servers without an installed Endpoint Protection agent will be monitored by Azure Security Center as recommendations | AuditIfNotExists, Disabled | 3.0.0 |
Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.
ID: NIST SP 800-171 R2 3.14.6Ownership: Shared
| Name (Azure portal) | Description | Effect(s) | Version (GitHub) |
|---|---|---|---|
| Azure Defender for SQL should be enabled for unprotected Azure SQL servers | Audit SQL servers without Advanced Data Security | AuditIfNotExists, Disabled | 2.0.1 |
| Azure Defender for SQL should be enabled for unprotected SQL Managed Instances | Audit each SQL Managed Instance without advanced data security. | AuditIfNotExists, Disabled | 1.0.2 |
| Email notification to subscription owner for high severity alerts should be enabled | To ensure your subscription owners are notified when there is a potential security breach in their subscription, set email notifications to subscription owners for high severity alerts in Security Center. | AuditIfNotExists, Disabled | 2.0.0 |
| Network Watcher should be enabled | Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level in, to, and from Azure. Scenario level monitoring enables you to diagnose problems at an end to end network level view. It is required to have a network watcher resource group to be created in every region where a virtual network is present. An alert is enabled if a network watcher resource group is not available in a particular region. | AuditIfNotExists, Disabled | 3.0.0 |
| Subscriptions should have a contact email address for security issues | To ensure the relevant people in your organization are notified when there is a potential security breach in one of your subscriptions, set a security contact to receive email notifications from Security Center. | AuditIfNotExists, Disabled | 1.0.1 |
Next steps
Additional articles about Azure Policy:
- Regulatory Compliance overview.
- See the initiative definition structure.
- Review other examples at Azure Policy samples.
- Review Understanding policy effects.
- Learn how to remediate non-compliant resources.
List, download and convert any Spotify song or playlist to MP3 then save them to your PC with this simple and straightforward app
We all know that Spotify is a widespread platform for music playing. Its huge database contains almost all contemporary songs, albums, artists, etc. Although it's free, certain features are available only for the paid version. One of those features is the possibility to download music directly to your PC. Ondesoft Spotify Converter can help you download from the platform without creating a premium account.
Mac Control Monitor Volume
Clean but unresizable interface
The interface is enjoyable and intuitive as it consists of one large display/list window and several control buttons. At center-top you can also notice the 'Output' field where you select your path for the downloaded or converted files.
One downside of this program is the impossibility to resize the interface. Right after the installation, the GUI is fixed an can only be moved or minimized but not resized. This can bother with small monitor or screenshots activities.
Supports several formats and also batch conversion
You can easily drag&drop as many songs or playlists you want to convert to the Spotify interface. Spotify converter will load all songs in the playlist automatically. You can also copy&paste the link of the song/playlist. There are four formats available for conversion: MP3, M4A, WAV, and FLAC.After conversion all ID3 tags preserved, so you will never lose the title, artist, album, and artwork, etc. of each song.
5x conversion speed and rate selection
You can also choose to pick the 5x conversion speed so that you can play them on any music player freely. Ondesoft Spotify allows you to set bitrate, sample rate for output DRM-free Spotify music according to your preferences.
Handy music downloader
To sum it up, Ondesoft Spotify Converter is an excellent and easy-to-use tool that lets you download any song from Spotify and convert it into one of the four available formats. It can be used by both novice and technical people due to its simplicity and intuitive feeling.
Filed under
Download Hubs
Ondesoft Spotify Converter is part of these download collections: Spotify Music Downloaders
Ondesoft Spotify Converter was reviewed by Cristian Sarasanu3.5/5
LIMITATIONS IN THE UNREGISTERED VERSION- You can convert only 3 minutes of each song
Load comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policyOndesoft Spotify Converter 3.1.1
add to watchlistWww.abus.com › Eng › Home-SecurityABUS ABUS CMS Software (Windows) (TVSW11001)
send us an update 4 screenshots:
- runs on:
- Windows 10 32/64 bit
Windows 8 32/64 bit
Windows 7 32/64 bit - file size:
- 47 MB
- filename:
- odspconverter.exe
- main category:
- Multimedia
- developer:
- visit homepage
top alternatives FREE
@waydabber
top alternatives PAID