Skip to main content

3. Conducting Cloud Security Assessments

Ensuring cloud security requires regular vulnerability assessments and compliance checks across various cloud providers. This guide outlines the procedures to assess security posture in AWS, Azure, and Microsoft Security (M365 & Entra ID).

Cloud Security – AWS Security

  • Log in to the Platform

    • Access the platform and sign in using your credentials.
  • Navigate to Cloud Security

    • Open the Side Navigation Bar on the left.

    • Click on the Cloud Security tab to access security tools.

  • Select AWS Security

    • Click on AWS Security to view available scanning options.

image.png

  • Verify AWS Account

    • Ensure that an AWS account ishas linkedalready throughbeen added to the Integrations page.platform.

    • If missing,no account is available, navigate to the Integrations page to add thean AWS account before proceeding.account.

  • Choose a Compliance Standard

    • Select a compliance framework to evaluate security posture:

      • CIS (Center for Internet Security)

      • PCI DSS v3.2.1 (Payment Card Industry Data Security Standard)

      • GDPR (General Data Protection Regulation)

      • SOC2 (System and Organization Controls 2)

  • Initiate the Scan

    • Locate the AWS account under the selected compliance framework.

    • Click Scan to initiate an automated security check.

image.png

Monitor and Review Results

  • Monitor scan progress, and upon completion, a report will be generated then open it.

image.png

  • Review findings, including:

    • Compliance gaps

    • Security misconfigurations

    • Vulnerabilities

image.png

Cloud Security – Azure Security

  • Log in to the Platform

    • Access the platform and sign in using your credentials.
  • Navigate to Cloud Security

    • Open the Side Navigation Bar and select Cloud Security.

  • Select Azure Security

    • Click Azure Security to access scan options.

image.png

  • Verify AzureAWS Account

    • Ensure that an AzureAWS account ishas already been added viato the Integrations page.platform.

    • If missing,no account is available, navigate to the Integrations page to add an accountAWS before proceeding.account.

  • Choose a Compliance Standard

    • Select a compliance framework for the security assessment:

      • ISO (International Organization for Standardization)

      • SOC2 (System and Organization Controls 2)

      • CIS (Center for Internet Security)

  • Initiate the Scan

    • Locate the Azure account under the selected compliance framework.

    • Click Scan to start the security analysis.

image.png

Monitor and Review Results

  • View scan progress on the Cloud Security Dashboard.

image.png

  • Analyze scan results to detect:

    • Compliance gaps

    • Security misconfigurations

    • Vulnerabilities

image.png

Cloud Security – Microsoft Security (M365 & Entra ID)

  • Log in to the Platform

    • Access the platform and sign in using your credentials.
  • Navigate to Cloud Security

    • Open the Side Navigation Bar and click Cloud Security.

  • Select Microsoft Security

    • Click Microsoft Security to access security assessment tools.

image.png

  • Verify MicrosoftAWS Account

    • Ensure athat Microsoftan AWS account ishas already been added viato the Integrations page.platform.

    • If missing,no account is available, navigate to the Integrations page to add an accountAWS before initiating scans.account.

  • Choose the Desired Scan Type

    • Select the security scan based on the platform:

      • M365 (Microsoft 365) – Security and compliance assessment.

      • Entra ID (Identity Governance and Administration) – Identity security analysis.

  • Initiate the Scan

    • Locate the Microsoft account under the relevant security category.

    • Click Scan to start the assessment.

image.png

Monitor and Review Results

  • Track scan progress in the Cloud Security Dashboard.

image.png

  • Review scan findings to identify:

    • Security gaps

    • Misconfigurations

    • Vulnerabilities

image.png

Back to top