Which compliance frameworks require ensure event grid topics use private endpoints?

This security check is required by the following compliance frameworks: SOC 2, PCI-DSS, NIST 800-53.

MEDIUM

Ensure Event Grid topics use private endpoints

Event Grid topics should use private endpoints to restrict access to virtual networks.

Security Impact

Public endpoints expose event ingestion to internet-based attacks.

How to Remediate

Configure private endpoints for Event Grid topics and disable public network access.

Affected Resources

Microsoft.EventGrid/topicsMicrosoft.Network/privateEndpoints

Compliance Frameworks

SOC 2PCI-DSSNIST 800-53

How TigerGate Helps

TigerGate continuously monitors your Azure environment to detect and alert on this misconfiguration. Here's what our platform does for this specific check:

Continuous Scanning
Automatically scans all Azure Event Grid resources across your Azure subscriptions every hour
Instant Alerts
Get notified via Slack, email, or webhooks when this misconfiguration is detected
One-Click Remediation
Fix this issue directly from the TigerGate dashboard with our guided remediation
Compliance Evidence
Automatically collect audit evidence for SOC 2, PCI-DSS, NIST 800-53 compliance
Drift Detection
Get alerted if this configuration drifts back to an insecure state after remediation

Check Details

Check ID: azure-eventgrid-1
Service: Azure Event Grid
Category: Network Security
Severity: MEDIUM

Automate This Check

TigerGate automatically scans your Azure environment for this and 160+ other security checks.

Start Free Trial

Related Azure Event Grid Checks

View all checks

azure-eventgrid-2medium

Ensure Event Grid uses managed identity for authentication

azure-eventgrid-3medium

Ensure Event Grid has diagnostic logging enabled

azure-eventgrid-4medium

Ensure Event Grid uses Azure AD authentication

azure-eventgrid-5medium

Ensure Event Grid topics have network access restrictions