Build Azure Expertise
Run our secure Azure scan to receive a report with custom recommendations from our cloud security experts.
Unlock Free Azure Resources
Sign up to download the 20 policies you need for Azure compliance and start your cloud security journey today.
Configuration Management
Configuration Management
Learn about configuration standards from industry leaders such as the Center for Internet Security, NIST, SANS, AWS, and Microsoft.
Ensure Only Authorized Users Can Create Security Groups
Utilize Managed Disks for Virtual Machines
Logical Access
Logical Access
Learn about identity and access management to protect assets against unauthorized use.
Consider an Exclusionary Geographic Access Policy
Create a Review Process for Apps
Create a Review Process of Guest Users
Disable Caching of Second Factor of Authentication Beyond One Day
Disallow Other Apps to Access Company Data
Do Not Allow Users to Remember MFA on Devices They Trust
Enable Multifactor Authentication for Administrators
Enable Multifactor Authentication for All Users
Enforce Multifactor Authentication for All Users
Ensure Guest Accounts Are Restricted
Ensure Notifications are Enabled for Password Resets
Ensure Only Administrators Can Create Groups
Notify Admins of Other Admin Password Resets
Only Allow Administrators to Delete Locked Resources
Only Allow Approved Employees to Invite Guests
Only Allow Trusted Apps to Access Company Data
Prevent Bad Passwords in Azure
Protect Against Malicious Attacks with Azure AD MFA
Protect Resources from Unauthorized Access
Reconfirm User Information Regularly
Require 2 Ways of Authentication for Resetting Passwords
Require Multifactor Authentication for Administrators
Restrict Access to Azure Active Directory (ADD)
Restrict Access to Create Security Groups Only to Administrators
Restrict Access to the Administration Portal
Restrict User Authentication to Trusted Locations
Restrict Users from Adding Apps
Restrict and Secure Your Azure Environment
Review Internal and External Users Monthly
Risky Sign-Ins: What They Are and How to Prevent Them
Utilize the Principle of Least Privilege
Verify Only Administrators Manage Group Membership Access
Network Monitoring
Network Monitoring
Learn about the tools and techniques to monitor the performance and security of your environment.
Configure Activity Log Container Access to Private
Configure Storage Accounts to Use Customer Managed Keys
Create Activity Log Alert for Delete SQL Server Firewall
Create an Activity Log Alert for Create or Update Public IP Address
Create an Activity Log Alert for Delete Security Solution
Ensure Diagnostic Setting Captures Appropriate Categories
Ensure Log Alert Exists for Create or Update Network Security Group
Ensure Logging for AppServiceHTTPLogs
Ensure Network Security Group Flow Logs Are Sent to Log Analytics
Ensure That a Diagnostic Setting Is Enabled
Ensure an Activity Log Alert Exists for Delete Public IP Address
Log and Retain All Relevant Activities
Monitor for "Delete Network Security Groups" Through Log Alerts
Utilize Flow Logs to Log Traffic in Your Environment
Utilize Log Alerts for Create or Update SQL Server Firewall
Utilize Log Alerts for Create or Update Security Solution
Utilize Logging for Azure Key Vault
Utilize Managed Disks for Virtual Machines
Verify Log Alert Exists for Create Policy Assignment
