Apr 04 2020 05:42 AM
We are helping a customer who is in the education industry. They are a big university. We have to find out what kind of security mechanisms are in place in their environment and the resources they have deployed. My customer is using AKS, Azure VMs and few PaaS Services.
So i would like to know what is the best way to generate this report of the existing Security features and controls that are in place in the environment to ensure they are compliant with PCI and HIPAA standards or NIST 800-53 R4. Based on this report we have to recommend them Azure security best practices so that the security gaps are plugged . Someone was telling me to use tools from Tenable and Prisma from Palo Alto.
Is there any native way in Azure that i can generate this report or can this be done using any powershell scripts say?
Appreciate any help
Apr 08 2020 04:04 AM
@palchak enable Azure Security Center in your subscription, upgrade it to Standard tier (upgrade is free for 30 days) and wait for ASC to scan the resources available in the subscription and generate the security recommendations. Here a quick tutorial on how to onboard ASC https://docs.microsoft.com/en-us/azure/security-center/security-center-get-started