Azure Cloud Resources Security Analysis
Analysis and assessment of the security posture in an Azure environment
Improsec delivers a comprehensive independent security analysis and assessment, providing management and the IT security organization with a clear overview of the basic security controls implemented compared to vendor best practices.
Value
An assessment outlining the current state of the security posture in an Azure environment
An evaluation of asset and resource security misconfigurations
Manage the risks associated with the adoption and utilization of Azure as a cloud resources platform solution
Ensure policies, security controls, monitoring, and logging are implemented according to requirements
Enhance and improve security across the environment
Method
The security assessment is, among other recognized resources, based on the Cloud Security Alliance’s (CSA) “Security Guidance for Critical Areas of Focus in Cloud Computing” and the Centre for Internet Security’s (CIS) configuration guidelines based on your specific setup and configuration of the Azure Cloud Resources environment. In addition, Microsoft best practice descriptions, guidelines, and whitepapers are used in conjunction with the above benchmarking framework.
The assessment includes evaluation of:
Configuration of the Management Console / Pane
Identity and Access Management
Access controls and user permissions (internal/external)
Infrastructure and Network configuration
Protection of information and data in storage solutions
Logging, monitoring, and alerting
Utilization and configuration of security solutions
Product
The deliverable of the analysis is a written report containing the following:
A non-technical section with an Executive Summary for management and decision makers
A technical section including detailed observations and tangible recommendations to strengthen the level of security and recommendations on how hardening can be applied
Involvement
The delivery requires minimal involvement of your technical staff.