Today we’re announcing the next iteration of the Azure Security Benchmark (ASB) Workbook, which provides a single pane of glass for gathering and managing data to address ASB control requirements. The power of this workbook lies in its ability to aggregate data from more than 25 Microsoft Security products and to apply these insights to relevant controls in the ASB framework.
What is the Azure Security Benchmark?
The Azure Security Benchmark (ASB) provides prescriptive best practices and recommendations to help improve the security of workloads, data, and services on Azure. Many organizations rely on standard frameworks such as CISv7.1 or NIST 800-53 R4 to improve their cloud defenses. Mapped to both CISv7.1 and NIST 800-53 R4, ASB brings consistency of security capabilities across the Azure platform. Compliance and security baselines are critical for successful cloud migration and adoption by providing consistent security standards. Whether you are new to Azure or not, ASB provides streamlined guidance for improving the security and compliance posture of your Azure resources.
Use Cases:
For customers leveraging multiple products within the Azure Security suite, it can be difficult to have a single plan for hardening. Customers spend time manually pivoting across products rather than conducting proactive cloud security posture management or responding to alerts. This “better together” content offering enriches granular ASB assessments with Microsoft Sentinel logging for alerts/configuration over time to provide one place for security professionals to understand their cloud security posture. With actionable insights and real time information, this workbook empowers teams by equipping them with a single source of visibility and remediation across security products.
Rather than separately interfacing with Microsoft Defender for Cloud, Microsoft Sentinel, Azure Resource Graph, Azure Active Directory, Microsoft Defender for Endpoint, and additional products to understand compliance posture, the ASB Workbook centralizes the relevant data within the context of the ASB controls.
Initially released last fall, this updated workbook is mapped to Azure Security Benchmark v3, which includes an updated mapping to PCI-DSS 3.2.1. The updates also include expanded coverage across new control areas and controls, including DevOps Security controls, to provide comprehensive tracking of security posture.
Benefits and Improvements:
This workbook pulls data from over 25 Microsoft Security products, and as these products improve over time, the integration underlying the workbook strengthen as well. We’ve also added new control areas and controls to ensure this workbook provides a comprehensive tracking of your security posture. A controls crosswalk enables simplified searching across controls, products, or compliance assessments.
By aggregating data across multiple sources and aligning it to ASB controls, this new workbook enhances situational and operational awareness to create a more complete view of security posture. The workbook helps address compliance requirements with applicable control evidence, which can be used in support of audit requirements. It includes direct links to actionable workflows within the products, like direct hardening and remediation steps in Microsoft Defender for Cloud and investigation workflows in Microsoft Sentinel. In this way, the process of hardening workloads and improving security posture is streamlined and optimized. The workbook also allows for easy exporting and creation of reports, with relevant data aligned to each control, for sharing with stakeholders.
Get Started Today!
- Onboard Microsoft Defender for Cloud
- Onboard Microsoft Sentinel (optional)
- Enable Continuous Export of SecurityRecommendation data
- Consolidate Microsoft Defender for Cloud and Microsoft Sentinel Logging in a Log Analytics Workspace
- Access the Azure Security Benchmark Workbook on Github, Select Deploy to Azure (or Azure Gov)
- Authenticate to your Azure subscription
- Configure options > Review + Create
- Navigate to Microsoft Defender for Cloud
- Select Workbooks > Workbooks tab > AzureSecurityBenchmarkv3
- Review the workbook and provide feedback through our survey
Learn more about hardening workloads with Microsoft Defender for Cloud:
- Azure Security Benchmark Introduction
- Meeting the Cybersecurity Executive Order requirements with Azure Security
- Regulatory Compliance in Microsoft Defender for Cloud
Disclaimer
The Microsoft Defender for Cloud: Azure Security Benchmark Workbook demonstrates best practice guidance. This workbook provides visibility and situational awareness for cloud workload protection delivered with Microsoft technologies in predominantly cloud-based environments. Customer experience will vary by user and some panels may require additional configurations for operation. Recommendation cards do not imply coverage of respective controls as they are often one of several courses of action for approaching requirements which is unique to each customer. Recommendations should be considered a starting point for planning full or partial coverage of respective areas.