Can it detect network-level vulnerabilities?

Yes, it inspects storage account network rules to ensure default actions are set to Deny instead of Allow, preventing exposure to all networks.

Are the reports aligned with security standards?

Yes, the JSON output provides findings and remediation steps specifically aligned with CIS Azure Benchmark controls.

Does it support Azure Data Lake Storage (ADLS)?

Yes, it audits both standard Blob storage and ADLS accounts for security best practices using the storage management client.

What does this skill audit in Azure Storage?

It checks for public access, disabled HTTPS, outdated TLS versions, missing encryption, and insecure SAS token configurations.

What are the prerequisites for running this skill?

You need Python 3.9+, the azure-mgmt-storage and azure-identity libraries, and an Azure Service Principal with at least Reader access.

Azure Storage Security Auditor

Name: Azure Storage Security Auditor
Author: micsapp

bymicsapp

0•

보안 및 테스팅

Audits Azure Storage accounts for security vulnerabilities including public access, weak encryption, and outdated TLS versions using the Python SDK.

This skill empowers security professionals and developers to proactively identify and remediate risks within Azure Storage environments, covering both Blob and ADLS instances. It leverages the azure-mgmt-storage Python SDK to perform deep inspections of security properties such as SAS token lifespans, HTTPS enforcement, and network access rules. By generating risk-scored reports aligned with CIS Azure Benchmarks, it streamlines the process of threat hunting and compliance validation within cloud-native architectures.

주요 기능

010 GitHub stars

02Validation of HTTPS enforcement and minimum TLS 1.2 compliance

03Automated detection of public blob and container access exposures

04Evaluation of network firewall rules and default access policies

05Inspection of encryption-at-rest and customer-managed key settings

06Analysis of SAS token permissions and expiration risks

사용 사례

01Investigating potential data exposure during security incident response

02Conducting routine security audits to maintain CIS Azure Benchmark compliance

03Validating cloud infrastructure security posture after new resource deployments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills detecting-azure-storage-account-misconfigurations

For use in Claude.ai and ChatGPT

주요 기능

010 GitHub stars

02Validation of HTTPS enforcement and minimum TLS 1.2 compliance

03Automated detection of public blob and container access exposures

04Evaluation of network firewall rules and default access policies

05Inspection of encryption-at-rest and customer-managed key settings

06Analysis of SAS token permissions and expiration risks

사용 사례

01Investigating potential data exposure during security incident response

02Conducting routine security audits to maintain CIS Azure Benchmark compliance

03Validating cloud infrastructure security posture after new resource deployments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills detecting-azure-storage-account-misconfigurations

For use in Claude.ai and ChatGPT