# Conducting Cloud Security Assessments Ensuring cloud security requires regular vulnerability assessments and compliance checks across various cloud environments. The **SecOps module** in XOps 360 enables organizations to evaluate their **security posture and compliance status** across **AWS, Azure, and Microsoft environments** including **Microsoft 365 and Entra ID**. This guide outlines the steps required to initiate compliance scans and review security findings. ### **Cloud Security – AWS Security Assessment** - **Log in to the Platform** - Access the platform and sign in using your credentials. - **Navigate to SecOps** - Open the **Side Navigation Bar** located on the left side of the screen. - Click **SecOps** to expand the available security modules. - Select **Compliance Dashboard** . - **Select Compliance Standard**Under the Compliance Dashboard, choose one of the following AWS compliance frameworks: - **AWS CIS v5.0 (Center for Internet Security)** - **AWS SOC2 (System and Organization Controls 2)** - **AWS GDPR (General Data Protection Regulation)** - **AWS PCI DSS (Payment Card Industry Data Security Standard)** - These frameworks evaluate AWS cloud configurations against industry security best practices. [![image.png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/vr3lxa2DsXCWHl7q-image.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/vr3lxa2DsXCWHl7q-image.png) - **Verify AWS Account** - Ensure that an AWS account has already been added to the platform. - If no account is available, integrate the AWS account before initiating the scan. - **Initiate the Scan** - Locate the AWS account under the selected compliance framework. - Click **Scan** to initiate an automated security check. - The system will analyze AWS configurations and security controls. [![Untitled design (18).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/SMxeORBe4wwI3RDi-untitled-design-18.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/SMxeORBe4wwI3RDi-untitled-design-18.png) **Monitor and Review Results** - Monitor scan progress, and upon completion, a report will be generated then open it. [![Untitled design (19).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/34XATvDC69Pi8yEf-untitled-design-19.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/34XATvDC69Pi8yEf-untitled-design-19.png) - Review findings, including: - Compliance gaps - Security misconfigurations - Vulnerabilities [![Untitled design (20).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/eI6CHhIHu8YUyg7z-untitled-design-20.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/eI6CHhIHu8YUyg7z-untitled-design-20.png) ### **Cloud Security – Azure Security** - **Log in to the Platform** - Access the platform and sign in using your credentials. - **Navigate to SecOps** - Open the Side Navigation Bar - Click **SecOps → Compliance Dashboard**. - **Select Azure Compliance Standard** Choose the compliance framework used to assess Azure security posture. - Available frameworks include: - **ISO 27001 (International Organization for Standardization)** - **SOC2 (System and Organization Controls 2)** - **CIS (Center for Internet Security)** - These frameworks analyze Azure configurations against established security standards. [![image.png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/9U392YjGcCegYdWx-image.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/9U392YjGcCegYdWx-image.png) - **Verify Azure Account** - Ensure that an Azure account has already been added to the platform. - If no account is available, connect the Azure account before running the scan. - **Initiate the Scan** - Locate the **Azure subscription** listed under the selected compliance framework. - Click **Scan** to initiate the Azure security assessment. [![Untitled design (24).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/Junzf4DDvzpvr857-untitled-design-24.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/Junzf4DDvzpvr857-untitled-design-24.png) **Monitor and Review Results** - Monitor scan progress, and upon completion, a report will be generated then open it. [![Untitled design (22).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/CWn6YMI0S7vtuJq8-untitled-design-22.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/CWn6YMI0S7vtuJq8-untitled-design-22.png) - Analyze scan results to detect: - Compliance gaps - Security misconfigurations - Vulnerabilities [![Untitled design (25).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/Pi2z5DwyaYfJFRly-untitled-design-25.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/Pi2z5DwyaYfJFRly-untitled-design-25.png) ### **Cloud Security – Microsoft Security (M365 & Entra ID)** - **Log in to the Platform** - Access the platform and sign in using your credentials. - **Navigate to SecOps** - Open the Side Navigation Bar - Click **SecOps → Compliance Dashboard**. **Microsoft Entra ID Security Assessment** - **Select Entra ID** - Under the Compliance Dashboard, click Entra ID. - This feature evaluates identity security configurations within Microsoft Entra ID. [![image.png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/VLasQiBxU8UMj2GF-image.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/VLasQiBxU8UMj2GF-image.png) - **Verify Microsoft Tenant** - Ensure that the **Microsoft Entra ID tenant** has already been connected to the platform. - If the tenant is not connected, integrate the Microsoft account before running the scan. - **Initiate the Scan** - Locate the **Entra ID tenant** in the dashboard. - Click **Scan** to start the assessment. [![Untitled design (27).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/zLIrkn3wfw6lmM1W-untitled-design-27.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/zLIrkn3wfw6lmM1W-untitled-design-27.png) **Monitor and Review Results** - Track scan progress in the **Scan History** section. [![Untitled design (28).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/iOv20wVb65p6vkRN-untitled-design-28.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/iOv20wVb65p6vkRN-untitled-design-28.png) - Review scan findings to identify: - Identity security issues - Authentication policy risks - Misconfigured access controls [![Untitled design (29).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/z7p7oVLwGtwbv3qZ-untitled-design-29.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/z7p7oVLwGtwbv3qZ-untitled-design-29.png) **Microsoft 365 Security Assessment** - Select Microsoft 365 - Navigate to **SecOps → Compliance Dashboard → M365**. - This feature evaluates the security posture of Microsoft 365 services. [![image.png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/OXhmYU5wgYPVhEe0-image.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/OXhmYU5wgYPVhEe0-image.png) - **Verify Microsoft 365 Tenant** - Ensure that the **Microsoft 365 tenant** has been connected to the platform. - If no tenant is available, integrate the Microsoft account before initiating the scan. - **Initiate the Scan** - Locate the **Microsoft 365 tenant** in the dashboard. - Click **Scan** to start the assessment. [![Untitled design (30).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/ip7ap97Bptbb9ivS-untitled-design-30.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/ip7ap97Bptbb9ivS-untitled-design-30.png) - **Monitor and Review Results** - Monitor scan progress under **Scan History**. [![Untitled design (32).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/cpKYHsiIGrfGBE4S-untitled-design-32.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/cpKYHsiIGrfGBE4S-untitled-design-32.png) - Once the scan is completed, review findings such as: - Security gaps - Compliance violations - Configuration risks [![Untitled design (33).png](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/scaled-1680-/AXU40AWXbMCiQHXW-untitled-design-33.png)](https://xops-docs.axiomio.com/uploads/images/gallery/2026-03/AXU40AWXbMCiQHXW-untitled-design-33.png) - These results help strengthen the **Microsoft 365 security posture**. **Note:** - For accessing historic reports or addressing scan failures, refer to the [Report History Page](https://xops-docs.axiomio.com/books/xops-360-documentation/page/accessing-and-managing-report-history) for further details and View error.