Microsoft Cloud Security Benchmark vs PSRule #1428
-
|
Are there plans to align the default baseline(s) more with the Microsoft Cloud Security Benchmark? As an example, the MCSB has a good default ruleset for auditing diagnostic logs, but the Azure.Default baseline seems to currently have similar built-in rules for Key Vault, Automation account, App Configuration store and AKS. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
@mbent015 Thanks for the question. MCSB is a security benchmark so mostly focuses on 1 out of 5 of the Well-Architected Framework (WAF) pillars. PSRule for Azure is aligned to all 5 pillars of the WAF, so a lot of the baseline will have more then just security rules. However we have considered and plan to release a baseline targeting MCSB, we've started some work to make this happen :) You can track it out over here: Azure/PSRule.Rules.Azure#1634 However if you have specific thoughts please let us know. Does this answer your question? |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, that makes sense. Looking forward to see how the Azure.MCSB.v1 progresses. |
Beta Was this translation helpful? Give feedback.
@mbent015 Thanks for the question.
MCSB is a security benchmark so mostly focuses on 1 out of 5 of the Well-Architected Framework (WAF) pillars.
PSRule for Azure is aligned to all 5 pillars of the WAF, so a lot of the baseline will have more then just security rules.
However we have considered and plan to release a baseline targeting MCSB, we've started some work to make this happen :)
You can track it out over here: Azure/PSRule.Rules.Azure#1634
However if you have specific thoughts please let us know.
Does this answer your question?