16 February 2023

Creating More Secure Cloud Environments with Microsoft and Synack

Greg Copeland

The cloud moves fast, software development moves fast and attackers move fast too. Can your cloud governance keep up?

Setting up security controls correctly at the start of a cloud migration project won’t work in the long-term with rapidly changing cloud environments. Cloud security benchmarks must be continuously followed to be effective, requiring frequent testing and monitoring for compliance.

Microsoft’s cloud security benchmark, Azure Security Benchmark (ASB), provides best practices and recommendations to help improve security of cloud-hosted infrastructure and application workloads. The benchmark gives you a starting point for selecting specific security settings in your environment to reduce risk to your organization.

Note: Microsoft recently rebranded Azure Security Benchmark as Microsoft Cloud Security Benchmark, Synack is compatible with this update.

ASB, along with tools such as Microsoft Azure Sentinel and Microsoft Defender for Cloud, offer robust defensive security capabilities, but like any toolset, they can’t do their best unless properly used. This is where Synack can help.

Synack, a Microsoft Intelligent Security Association member, has teamed with Microsoft to offer a Microsoft Security approved solution for offensive testing against ASB’s security controls. Synack’s continuous security testing combines the machine intelligence of our software platform with the human expertise and insights of our 1,500 vetted security researchers from the Synack Red Team. This scalable solution marries the speed of automated security testing with in depth findings of security experts.

Synack has developed a set of security tests designed to thoroughly test for proper adoption of ASB controls. Synack is also a continuous subscription, allowing ASB compliance to be maintained year round, despite frequent changes inherent in cloud deployments.

The joint solution from Synack and Microsoft Security Services, fulfills several use cases:

  • Ensures a secure deployment of cloud services and application workloads
  • Evaluates the security posture of new deployments and releases
  • Continuously measures and prioritizes risks to improve cloud security posture
  • Makes recommendations to remediate security gaps and re-tests after patching
  • Tests in multi-cloud environments

With Synack’s ASB testing, detailed findings are available related to hundreds of specific ASB controls. The combination of Synack’s automated scanning paired with the human insights of the SRT allow us to go far deeper than simple pass/fail test results. For each ASB tested you receive:

  • Details of the ASB controls tested
  • Test methodology used
  • Evidence collected
  • Explanation of findings
  • Recommendations to address gaps (for failed tests)
  • Option to retest after patches have been applied

ASB testing results and Synack vulnerability data can be delivered in a variety of ways as best suited to your organization’s security operations and workflows.

  • Dashboard reports with detailed drill down within the Synack portal
  • Downloadable PDF reports
  • Monitoring in Microsoft Security tools via existing Synack integrations

If you’d like to get a brief demonstration of Synack’s Azure Security Benchmark testing capabilities, please take a look at this demo video

For more information, please reach out to your Microsoft Security Services contact, or email us at [email protected]