4 week azure security assessment

mnemonic's Azure security assessment offers a point in time evaluation of the security posture of your Azure deployment. The evaluation includes both an offensive security assessment of the Azure deployment, which identifies attack paths and vulnerable configurations in the environment, as well as a review of the overall security architecture against frameworks such as Microsoft's well-architected framework.

This assessment focuses on a few key areas in the environment:

• Azure Active Directory configurations
• Identity and Access Management architecture
• Monitoring strategy and architecture
• Resource governance
• Network architecture and configurations
• Azure infrastructure and resource configurations
• Azure Policy and security center

Approach

mnemonics approach to this review includes interviews and workshops with technical stakeholders, documentation review, and technical configuration review based on the workshops and documentation received.

mnemonic will perform this activity in multiple stages, starting with technical walkthroughs and workshops where consultants learn about the business drivers and functional requirements for the solution. During this time, consultants will also have access to documentation of the solution for further review.

Following the workshops and documentation review, consultants will review the current technical configurations of the deployment. During this review, consultants may need to schedule new workshops, or be able to ask questions to the technical stakeholders for the Azure deployment within Guard.

Output

The output of this assessment is a written report. This report includes an executive summary, vulnerabilities identified in the environment, a technical write-up of the current state of the security architecture, and remediation advice for vulnerabilities and architectural challenges. Upon completion of the report, the consultants that tested the environment can present their findings.