The Doppler Quarterly Winter 2018 | Page 16

Background analysis of log information is undoubtedly useful, but there are events that require immediate processing – for example, events related to IAM role assignment. The CTP Azure Foundations Benchmark rules prescribe the creation of Azure Activity Log Alerts for change events that may have significant security ramifications. Azure Activity Log Alerts trigger the generation of real-time notifications, such as email or text messages, when an activity occurs that matches predefined alert conditions.
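One way to audit this control, as an added example that is not taken from the article or from the CTP benchmark: the check below reports which role-assignment operations have no effective Activity Log Alert at a given scope. The two operation names, the JSON shape (assumed to match `az monitor activity-log alert list` output), the subscription ID and the sample alerts are assumptions constructed for illustration.

```python
import json

# Assumption: the page names only IAM role assignment events; these two
# operation names are illustrative, not quoted from the benchmark document.
REQUIRED_OPERATIONS = [
    "Microsoft.Authorization/roleAssignments/write",
    "Microsoft.Authorization/roleAssignments/delete",
]
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # constructed ID

# Constructed sample, assumed to follow the shape of
# `az monitor activity-log alert list` output.
SAMPLE_ALERTS = json.loads("""[
 {"name": "role-write", "enabled": true,
  "scopes": ["/subscriptions/00000000-0000-0000-0000-000000000000"],
  "condition": {"allOf": [
    {"field": "category", "equals": "Administrative"},
    {"field": "operationName",
     "equals": "Microsoft.Authorization/roleAssignments/write"}]},
  "actions": {"actionGroups": [{"actionGroupId": "constructed-group-id"}]}},
 {"name": "role-delete", "enabled": false,
  "scopes": ["/subscriptions/00000000-0000-0000-0000-000000000000"],
  "condition": {"allOf": [
    {"field": "operationName",
     "equals": "Microsoft.Authorization/roleAssignments/delete"}]},
  "actions": {"actionGroups": [{"actionGroupId": "constructed-group-id"}]}}
]""")

def covered_operations(alerts, scope):
    """Operations watched by an enabled alert that covers scope and notifies."""
    covered = set()
    for alert in alerts:
        if not alert.get("enabled"):
            continue  # a disabled alert never fires
        if not (alert.get("actions") or {}).get("actionGroups"):
            continue  # fires, but no action group receives it
        if not any(scope.lower().startswith(s.lower())
                   for s in alert.get("scopes", [])):
            continue  # alert watches a different subscription or resource
        for cond in (alert.get("condition") or {}).get("allOf", []):
            if cond.get("field", "").lower() == "operationname":
                covered.add(cond.get("equals", "").lower())
    return covered

def missing_alerts(alerts, scope, required=REQUIRED_OPERATIONS):
    """Required operations with no effective alert at this scope."""
    covered = covered_operations(alerts, scope)
    return [op for op in required if op.lower() not in covered]
```

On the constructed sample, `missing_alerts(SAMPLE_ALERTS, SUB)` reports the delete operation, because its alert exists but is disabled.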
3. Network
The network rules of the CTP Azure Benchmark are very much the same as those of the CIS AWS Foundations Benchmark. They validate basic Network Security Group (NSG) rules. These are the equivalent of a simple stateful packet filtering firewall, capturing information about the IP traffic in VNETs that represent your network on Azure.
Institutionalize the Use of Security Benchmarks Within Your Organization
Once you start validating the security posture of your Azure environments using the CTP Azure Foundations Benchmark, or similar benchmarks, how should you keep the compliance records for potentially hundreds of Azure environments? How should you maintain the security policies defined by the benchmarks, to stay up-to-date given the pace of Azure innovations and changes? In other words, how should you scale the process of consistently validating the security posture of your Azure environments?
The CTP Azure Foundations Benchmark document is 120 pages. It will take even an experienced Azure security specialist well over one business day to audit one environment against the CTP Azure Foundations Benchmark and record the results.
That is why CTP offers the Continuous Compliance program to help enterprises define and manage the application of Compliance and Security Controls for cloud environments at scale, facilitating compliance efforts. The CTP Azure Foundations Benchmark is, in fact, the latest addition to the set of security policies, standards and benchmarks of the CTP Continuous Compliance for Azure program that is currently under development.