All ControlsCIS v1.3.0CIS v1.4.0CIS v1.5.0CIS v2.0.0CIS v2.1.0CIS v3.0.0CIS v4.0.0FedRAMP HighHIPAA HITRUST 9.2NIST CSF v2.0NIST SP 800-171 Revision 2NIST SP 800-53 Revision 5PCI DSS 3.2.1Reserve Bank of India - IT Framework for NBFC Regulatory Compliance
Dashboard: CIS v4.0.0
CIS Microsoft Azure Foundations Benchmark v4.0.0
Overview
The CIS Microsoft Azure Foundations Benchmark v4.0.0 provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. This benchmark covers foundational elements of Azure cloud platform.
Benchmark Categories
The benchmark is organized into the following categories:
- Identity and Access Management
- Security Center
- Storage Accounts
- Database Services
- Logging and Monitoring
- Networking
- Virtual Machines
- Key Vault
- AppService
- Other Security Considerations
Levels
Each recommendation in this benchmark has a level designation indicating the depth of the security control:
- Level 1 - Practical security configurations that can be configured with minimal complexity
- Level 2 - More restrictive and security-focused recommendations that may have higher complexity or operational overhead
Implementation Notes
- Some controls may require elevated permissions to assess or modify
- Consider business requirements and operational impact when implementing controls
- Regular review and updates of security configurations is recommended
- Use automation where possible to maintain consistent security baselines
References
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select CIS v4.0.0 dashboard.
You could also snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe benchmark run azure_compliance.benchmark.cis_v400 --share
Benchmark
This dashboard is automatically generated from the following benchmark:
benchmark.cis_v400