Security: 2-Wk Azure Security Assessment

Detailed review of the current security posture of the Azure Subscription. The review is based on the Cloud Security Alliance (CSA) best practices, the Microsoft Azure Well-Architected Framework, and relevant technology-specific best practices. It includes an architecture review and an analysis of Azure configuration and setup. Please note that this security review is not an application penetration test.

This security review includes:

• Architecture Security Review
• Threat analysis for the concrete Subscription or Application
• Result analysis from Azure native tools (e.g. Microsoft Defender for Cloud) incl. risk assessment, interpretation, and potential remediation
• Additional checks/scan depending on concrete use-case and technologies in place
• If applicable, a CI/CD pipeline security review incl. security processes in pipeline

The areas covered by this security review are:

• Network security
• Identity management
• Privileged Access
• Data protection
• Asset management
• Logging and threat detection
• Incident response
• Posture and vulnerability management
• Secrets & Key management
• Backup and recovery
• DevOps Security