Smart Security Scanner — Enabling Multi-layered Secure Azure Cloud Platform

  • As of today, not less than 70% of the world’s businesses operated fully or partially on the cloud.
  • While these businesses are being attracted by lower costs, flexibility, increased collaboration and the freedom cloud offers, these benefits also come with a fair share of security risks. This is why not less than 90% of businesses that utilize the cloud are now more concerned than ever on public cloud security.
  • Hence security of the cloud platform is very important in order to avoid any data leakage and to be GDPR complaint.

Why Smart Security Scanner ?

Reference : GDPR Enforcement tracker (https://www.enforcementtracker.com/)

Introduction to Smart Security Scanner

  • Smart Security Scanner is an automated tool which will automatically scan and report different layers of securities :Storage, Compute ,Resource , Network and Resource compliance.
  • Features of Smart Security Scanner :

— Robust implementation eliminates manual intervention and more control with respect to Security , Audit and GDPR compliance.

— Security compliance of the various resource groups will be reported and logged at a central place in the form of visualized dashboards.

How does it work ?

Azure Devops Task Group

— Smart Security Scanner is implemented using Azure Devops Continuous Deployment Release pipelines.

— Release pipeline contains tasks to perform security scanning at different layers like resource, storage and networks.

— Release pipeline is scheduled to run daily at a specified time as mentioned in the below screen shot.

Azure Devops Release pipeline scheduling

— Smart Security Scanner pipeline shows compliance/non-compliance result as shown below.

Implementation Steps

— Github Repo : https://github.com/sagu94271/seaa/blob/main/Smart%20Security%20Scanner%201.0/Classic%20Azure%20Devops/smart_security_scanner.json

— Download release pipeline json from the above Github repo.

— Import the json file in the Azure Devops release pipeline.

— Schedule pipeline to run it every day/week based on your convenience.

Now, Smart Security Scanner Tool is ready to use :)

Feel free to share your feedback about this tool and any suggestion for future improvements.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store