Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Microsoft Releases Azure Security Benchmark

Microsoft this week announced the availability of Azure Security Benchmark v1 (ASB), a collection of more than 90 security best practices recommendations for Azure customers.

Microsoft this week announced the availability of Azure Security Benchmark v1 (ASB), a collection of more than 90 security best practices recommendations for Azure customers.

ASB, Microsoft says, was designed to improve the consistency of security documentation for Azure services by creating a framework containing all recommendations for Azure services, in the same format.

ASB is meant to help organizations increase the overall security and compliance of their workloads in Azure, and includes 11 security controls inspired by, and mapped to, the Center for Internet Security (CIS) 7.1 control framework.

Not only are the ASB controls built on industry standards and best practices, but Microsoft also aims to add mappings to other frameworks, such as the NIST Cybersecurity Framework.

According to Microsoft, ASB preserves the value of industry standard control frameworks that are focused on on-premises and brings them to the cloud.

“This enables you to apply standard security control frameworks to your Azure deployments and extend security governance practices to the cloud,” the company says.

The controls included in ASB target network security, logging and monitoring, identity and access control, data protection, vulnerability management, inventory and asset management, secure configurations, malware defense, data recovery, incident response, and penetration tests and red team exercises.

The documentation associated with each control provides mappings to industry standard benchmarks, details and rationale for the recommendations, and links to configuration information.

The full set of controls, as well as the included recommendations, are available on Microsoft’s Azure Security Benchmark website.

The tech company also integrated ASB with Azure Security Center, to enable customers to track, report, and assess their compliance against the benchmark, directly from the Security Center compliance dashboard. ASB also has an impact on the Secure Score in Azure Security Center for subscriptions.

“ASB is the foundation for future Azure service security baselines, which will provide a view of benchmark recommendations that are contextualized for each Azure service. This will make it easier for you to implement the ASB for the Azure services that you’re actually using,” Microsoft says.

Related: NIST Releases Framework for Privacy Risk Management

Related: NIST and Microsoft Partner to Improve Enterprise Patching Strategies

Related: Microsoft Announces New Security Capabilities Across Platforms

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...