Secure DevOps kit for Azure

https://azsk.azurewebsites.net/index.html

Get started

Experience the powerful capabilities of the kit hands-on within minutes! Follow these 3 easy steps to get an exhaustive report of the security configuration of your cloud subscription and resources!

  1. Install the kit per these steps
  2. Scan your subscription
  3. Scan the resources inside the subscription

What’s New?

  • New cmdlets to automate common Privileged Identity Management (PIM) operations
  • ARM Template Checker now supports 3 new service types (Container Instances, EventHub, Search)
  • (Preview) Enhanced Security Scan for Azure Active Directory (AAD)
  • Support for extensibility for ARM Checker

Secure the Subscription

A secure cloud subscription provides a core foundation upon which subsequent development and deployment activities can be conducted. An engineering team should have the capabilities to deploy and configure security in the sub…Read More Enable secure development

During the coding and early development stages, developers should have the ability to write secure code and to test the secure configuration of their cloud applications. Just like build verification tests (BVTs), we introduce…Read More Integrate security into CICD

Test automation is a core tenet of devops. We emphasize this by providing the ability to run SVTs as part of the VSTS CICD pipeline. These SVTs can be used to ensure that the target subscription used to deploy a cloud applica…Read More Continuous Assurance

In the constantly changing dev ops environment, it is important to move away from the mindset of security being a milestone. We have to treat security as a continuously varying state of a system. This is made possible through…Read More Alerting & monitoring

Visibility of security status is important for individual application teams and also for central enterprise teams. We provide solutions that cater to the needs of both. Moreover, the solution spans across all stages of dev op…Read More Cloud risk governance

A secure cloud subscription provides a core foundation upon which subsequent development and deployment activities can be conducted. An engineering team should have the capabilities to deploy and configure security in the sub…Read More

Documentation

The “Secure DevOps Kit for Azure” (will be referred to as ‘AzSK’ henceforth) is a collection of scripts, tools, extensions, automations, etc. that caters to the end to end Azure subscription and resource security needs for dev ops teams using extensive automation and smoothly integrating security into native dev ops workflows helping accomplish secure dev ops Learn more

Videos

Learn how to get started quickly and use Secure DevOps Kit for Azure to secure your Azure infrastructure with “Secure DevOps Kit for Azure” Video library. Watch More