fix(sdk): use case-insensitive comparison for Azure VM backup checks

[HugoPBrito]

Context

Fix #10372

Azure sometimes stores VM names in the Recovery Services vault with different casing than the VM resource name itself (e.g., VMTEST in vault vs vmtest in VM). This causes false negatives where a VM is flagged as not backed up even though it is protected. This is a known Azure behavior.

Description

• Use case-insensitive comparison (.lower()) when matching VM names against backup item names in vm_backup_enabled and vm_sufficient_daily_backup_retention_period checks
• Add dedicated test cases that verify case-insensitive matching (lowercase VM name, uppercase backup item name)

Steps to review

1. Review the .lower() comparison change in both check files
2. Verify the new test cases test_vm_protected_by_backup_case_insensitive and test_vm_with_sufficient_retention_case_insensitive
3. Run tests:

   poetry run pytest tests/providers/azure/services/vm/vm_backup_enabled/ tests/providers/azure/services/vm/vm_sufficient_daily_backup_retention_period/ -v

Checklist

Community Checklist

• This feature/issue is listed in here or roadmap.prowler.com
• Is it assigned to me, if not, request it via the issue/feature in here or Prowler Community Slack

• Are there new checks included in this PR? No
• Review if the code is being covered by tests.
• Review if code is being documented following https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings
• Review if backport is needed.
• Review if is needed to change the Readme.md
• Ensure new entries are added to CHANGELOG.md, if applicable.

SDK/CLI

• Are there new checks included in this PR? No

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[github-actions]

✅ All necessary CHANGELOG.md files have been updated.

[github-actions]

✅ Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.17%. Comparing base (ab26608) to head (0aeb1ee).

❗ There is a different number of reports uploaded between BASE (ab26608) and HEAD (0aeb1ee). Click for more details.

HEAD has 1 upload less than BASE

Flag	BASE (ab26608)	HEAD (0aeb1ee)
api	1	0

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #10395      +/-   ##
==========================================
- Coverage   93.38%   86.17%   -7.21%     
==========================================
  Files         219      223       +4     
  Lines       30398     5743   -24655     
==========================================
- Hits        28386     4949   -23437     
+ Misses       2012      794    -1218     

Flag	Coverage Δ
api	?
prowler-py3.10-azure	86.17% <ø> (?)
prowler-py3.11-azure	86.12% <ø> (?)
prowler-py3.12-azure	86.12% <ø> (?)
prowler-py3.9-azure	86.12% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
prowler	86.17% <ø> (∅)
api	∅ <ø> (∅)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

🔒 Container Security Scan

Image: prowler:91b12f7
Last scan: 2026-03-19 13:09:32 UTC

📊 Vulnerability Summary

Severity	Count
🔴 Critical	4
Total	4

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

• Review the detailed scan results
• Update affected packages to patched versions
• Consider using a different base image if updates are unavailable

---

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy