Aqua supports CSPM in Microsoft Azure accounts to help ensure the security and compliance of Azure resources.
TABLE OF CONTENTS
Connecting the Aqua to your Azure subscriptions is simple and straightforward and takes about 5 minutes. CSPM connects to your subscription through the use of an Active Directory application with "Security Reader" read-only permissions. Refer to our Azure setup guide for complete installation steps.
The Scanning Process
Once connected, CSPM will query various read-only APIs in your account to obtain information about the configuration of your infrastructure services. This information will be processed and analyzed by our security control plugins to produce a security report.
CSPM has hundreds of plugins, representing a variety of cloud security controls. Some example findings include:
- Misconfigured storage accounts exposed publicly
- NSG security groups configured to allow inbound access to sensitive services from the internet
- Databases, VM instances, and other services that are not encrypted
- Policies that allow extensive service or wildcard access to the subscription
To begin auditing your Azure subscriptions, simply register for an Aqua account and follow the connection process above.