What’s new: Azure Security Benchmark Workbook update
This blog is co-authored by TJ Banasik, CISSP-ISSEP, ISSAP, ISSMP, Principal Product Manager, Microsoft Cloud & AI Security.
Today we’re announcing the next iteration of the Azure Security Benchmark (ASB) Workbook, which provides a single pane of glass for gathering and managing data to address ASB control requirements. The power of this workbook lies in its ability to aggregate data from more than 25 Microsoft Security products and to apply these insights to relevant controls in the ASB framework.
Rather than separately interfacing with Microsoft Defender for Cloud, Microsoft Sentinel, Azure Resource Graph, Azure Active Directory, Microsoft Defender for Endpoint, and additional products to understand compliance posture, the ASB Workbook centralizes the relevant data within the context of the ASB controls.
Initially released last fall, this updated workbook empowers larger organizations by consolidating across over 200 workspaces. Redesigned interface and control cards allow for seamless navigation across the workbook and an enhanced user experience.
Learn more about updates to the workbook in the video below:
This workbook pulls data from over 25 Microsoft Security products, and as these products improve over time, the integration underlying the workbook strengthen as well. We’ve also added new control areas and controls to ensure this workbook provides a comprehensive tracking of your security posture. A controls crosswalk enables simplified searching across controls, products, or compliance assessments.
By aggregating data across multiple sources and aligning it to ASB controls, this new workbook enhances situational and operational awareness to create a more complete view of security posture. The workbook helps address compliance requirements with applicable control evidence, which can be used in support of audit requirements. It includes direct links to actionable workflows within the products, like direct hardening and remediation steps in Microsoft Defender for Cloud and investigation workflows in Microsoft Sentinel. In this way, the process of hardening workloads and improving security posture is streamlined and optimized. The workbook also allows for easy exporting and creation of reports, with relevant data aligned to each control, for sharing with stakeholders.
Learn more about hardening workloads with Microsoft Security:
- Azure Security Benchmark Introduction
- Meeting the Cybersecurity Executive Order requirements with Azure Security
- Announcing the Microsoft Sentinel: Zero Trust (TIC3.0) Workbook
- Microsoft Sentinel Cybersecurity Maturity Model Certification (CMMC) Workbook
Disclaimer: The Microsoft Defender for Cloud: Azure Security Benchmark Workbook demonstrates best practice guidance. This workbook provides visibility and situational awareness for cloud workload protection delivered with Microsoft technologies in predominantly cloud-based environments. Customer experience will vary by user and some panels may require additional configurations for operation. Recommendation cards do not imply coverage of respective controls as they are often one of several courses of action for approaching requirements which is unique to each customer. Recommendations should be considered a starting point for planning full or partial coverage of respective areas.