Microsoft Azure provides a suite of infrastructure services that you can use to deploy your cloud applications. Azure cloud security assessment refers to the services, controls, and features configured for customers of Azure services for protecting their data, applications, and other assets in Microsoft Azure. The security responsibilities vary depending on whether the data is hosted on Software as a Service (SaaS), Platform as a Service (PaaS) or Infrastructure as a Service (IaaS).
This assessment is intended to help enterprises think through various operational security considerations (shared responsibility model of cloud hosting) as they deploy sophisticated enterprise applications on Azure. This engagement can also be used to help you build a secure cloud migration and operation strategy for your organization. We highly recommend these operational and strategic considerations for your existing and new application deployments on Azure. Some of our key areas of focus are:
Security and Audit Dashboard, Azure Resource Manager, Application Insights, Azure Monitor, Azure Monitor Logs, Azure Advisor, Azure Security Center
Web Application vulnerability scanning, Penetration Testing, Web Application Firewall, Authentication and authorization in Azure App Service, Layered Security Architecture, Webserver diagnostics, and application diagnostics.
Role-Based Access Control (RBAC), Shared Access Signature, Encryption in Transit, Encryption at rest, Storage Analytics, Enabling Browser-Based Clients Using CORS
Network Layer Controls, Network Security Groups, Route Control and Forced Tunneling, Virtual Network Security Appliances, Azure Virtual Network, VPN Gateway, Application Gateway, Web Application Firewall, Traffic Manager, Load Balancer, DNS
Antimalware & Antivirus, Hardware Security Module, Virtual machine backup, Site Recovery, Transparent Data Encryption, Disk Encryption, Virtual Networking, Patch Updates, Security Policy Management and Reporting