Security baselines for Azure

  1. Home
  2. Security baselines for Azure

Go back to Tutorial

In this tutorial, we will learn and understand the security baslines for Azure.

Microsoft’s cybersecurity group and the Center for Internet Security (CIS), have developed best practices to help in establishing security baselines for the Azure platform. However, a baseline is the implementation of the benchmark on the individual Azure service.

Further, CIS benchmarks have been used with Azure security services and tools to make security and compliance easier for customer applications running on Azure services. Every service comes with a baseline that’s already designed to help provide security for most common use cases. These baselines also provide a consistent experience when securing your environment.

The Azure Security Benchmark

A benchmark contains security recommendations for a specific technology, such as Azure. The Azure Security Benchmark (ASB) provides prescriptive best practices and recommendations for improving the security of workloads, data, and services on Azure.

However, the ASB focuses on cloud-centric control areas. These controls are consistent with well-known security benchmarks. The areas covered include network security, identity management, posture and vulnerability management, and endpoint security.

Practice tests Security baselines for Azure

Each recommendation includes the following information:

  • Firstly, Azure ID: The Azure Security Benchmark ID that corresponds to the recommendation.
  • Secondly, Recommendation: The recommendation provides a high-level description of the control.
  • Thirdly, Guidance: The rationale for the recommendation and links to guidance on how to implement it.
  • Then, Responsibility: Who is responsible for implementing the control? Possible scenarios are customer responsibility, Microsoft responsibility, or shared responsibility.
  • Lastly, Azure Security Center monitoring: Does Azure Security Center monitor the control?
sc-900 online course

Reference: Microsoft Documentation

Go back to Tutorial

Menu