Microsoft this week announced the availability of Azure Security Benchmark v1 (ASB), a collection of more than 90 security best practices recommendations for Azure customers.
ASB, Microsoft says, was designed to improve the consistency of security documentation for Azure services by creating a framework containing all recommendations for Azure services, in the same format.
ASB is meant to help organizations increase the overall security and compliance of their workloads in Azure, and includes 11 security controls inspired by, and mapped to, the Center for Internet Security (CIS) 7.1 control framework.
Not only are the ASB controls built on industry standards and best practices, but Microsoft also aims to add mappings to other frameworks, such as the NIST Cybersecurity Framework.
According to Microsoft, ASB preserves the value of industry standard control frameworks that are focused on on-premises and brings them to the cloud.
“This enables you to apply standard security control frameworks to your Azure deployments and extend security governance practices to the cloud,” the company says.
The controls included in ASB target network security, logging and monitoring, identity and access control, data protection, vulnerability management, inventory and asset management, secure configurations, malware defense, data recovery, incident response, and penetration tests and red team exercises.
The documentation associated with each control provides mappings to industry standard benchmarks, details and rationale for the recommendations, and links to configuration information.
The full set of controls, as well as the included recommendations, are available on Microsoft’s Azure Security Benchmark website.
The tech company also integrated ASB with Azure Security Center, to enable customers to track, report, and assess their compliance against the benchmark, directly from the Security Center compliance dashboard. ASB also has an impact on the Secure Score in Azure Security Center for subscriptions.
“ASB is the foundation for future Azure service security baselines, which will provide a view of benchmark recommendations that are contextualized for each Azure service. This will make it easier for you to implement the ASB for the Azure services that you’re actually using,” Microsoft says.
Related: NIST Releases Framework for Privacy Risk Management
Related: NIST and Microsoft Partner to Improve Enterprise Patching Strategies
Related: Microsoft Announces New Security Capabilities Across Platforms
More from Ionut Arghire
- 820k Impacted by Data Breach at Zacks Investment Research
- US Government Agencies Warn of Malicious Use of Remote Management Software
- Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool
- CISA Provides Resources for Securing K-12 Education System
- Strata Raises $26 Million for Multi-Cloud Identity Management Platform
- Riot Games Says Source Code Stolen in Ransomware Attack
- Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones
- Attacks Targeting Realtek SDK Vulnerability Ramping Up
Latest News
- Cyberattacks Target Websites of German Airports, Admin
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
- Tenable Launches $25 Million Early-Stage Venture Fund
- 820k Impacted by Data Breach at Zacks Investment Research
- Mapping Threat Intelligence to the NIST Compliance Framework Part 2
- Hive Ransomware Operation Shut Down by Law Enforcement
- US Government Agencies Warn of Malicious Use of Remote Management Software
- UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies
