Security compliance for azure resources

HASSAN BIN NASIR DAR 326 Reputation points
2024-12-18T01:01:13.4566667+00:00

Hi

My customer wants me to check security breaches in his Azure tenant. He has one subscription and many resource groups. Many resources are inside the resource group.

How to start and what things should I check?

For example; if I will start with subscription, I will check how many users have global administrator and contributor roles.

Resource groups: I will check the resource group lock.

So how to check which resource can be compromised or unprotected?

If you have done this kind of work before and have a document. Please share with me. Thanks

Regards

HD

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,449 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Stanislav Zhelyazkov 25,326 Reputation points MVP
    2024-12-18T07:21:27.74+00:00

    Hi,

    The question you are asking is very general so it can only be answered that way. If you want to protect your resources Azure offers two options - Defender for Cloud and Microsoft Sentinel. They offer different security features depending on what you want to achieve. They will generate additional cost if enabled. You are free to use also any third party security tools/services if they fit more to your needs.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.