Overview
Using this feature you can run CIS benchmark tests (v1.0.0) for your Azure cloud. This includes CIS level 1 and level 2 checks for Azure as specified here: https://www.cisecurity.org/benchmark/azure/
Pre-requisites
Azure CLI is required, please install it by following the steps mentioned here for your Operating System.
Steps involved
- Open a new shell / terminal.
- Check that twigs is installed and running properly by running below command:
twigs azure_cis -h
- Sign in into your Azure instance using Azure CLI as described here on the host where you will be running twigs.
- You can run the command below:
twigs azure_cis --assetid UNIQUE_ASSET_ID --assetname NAME_LABEL_FOR_ASSET
- Asset id is not optional. Use a unique identifier for your Azure cloud instance as an asset.
- After discovery is complete, you can login into ThreatWorx Console to view the newly discovered Azure instance as an asset as well as results of the CIS benchmark tests.
- Twigs will automatically mark/resolve any fixed issues that were discovered as part of a previous run.
Example
$ twigs azure_cis --assetid prod_azure_cis --assetname "Production Azure CIS"
Run CIS benchmark checks for Azure CSPM. Note you need to login into Azure CLI first.