Microsoft Azure Security Framework

Emilian Cebuc and Christian Philipov
August 2021

Scott Piper’s AWS Security Roadmap became "the handbook” for security in the AWS community, but an equivalent source of comprehensive guidance for Microsoft Azure users has been harder to come by. Considering how many organizations now use the platform, this has been a large void, filled either by teams translating AWS instructions or piecing together Microsoft’s documentation. What organizations have needed is a single security roadmap, providing the security building blocks to consider, interpret, and deploy across your own workstreams.

Our answer is the Microsoft Azure Security Framework. Written by consultants for managers and their technical teams, the paper outlines what good security looks like in Azure, why, and how to resolve existing underlying issues and build resilience into your platform. Broken into 9 focus areas, it offers core principles to work by as your environment evolves over time.

What’s inside?

  • A priority list of security considerations for Azure
  • A set of principles to follow when building and working in your platform
  • A mix of instructional (practical) and strategic guidance for you and your teams
  • Recommended systems, measures, and approaches

Related resources


Normal or malicious? The challenges of threat detection in the cloud

In the cloud, threat detection has moved away from the telemetry of endpoints, to the telemetry of specific actions. With so many logs to account for, what tools and services should you use to collect them?

Read now

Cloud security: striking the balance between risk, speed, and cost

Your organization's risk profile will impact how you approach cloud migration. Learn how to balance your security needs with the speed and cost-effectiveness both required for you to remain competitive. 

Read now