The Problem

Things move fast in cloud environments. Cloud providers update their services often, platform teams and site reliability engineers are always making small tweaks, and devOps teams are always deploying the next version of their product. All the while, offensive techniques against new or existing systems are discovered every week.

Each change made in your cloud environment could introduce a vulnerability or attack path. While a point in time assessment or test can inform you on what types of issues have been observed in your environment, it does not provide any assurance that similar issues are not being introduced and removed on a daily basis.

How do you ensure that new attack paths and vulnerabilities are identified in this ever-changing environment?

What do you do if a new attack technique is identified or observed in the wild, and you don't know if it can impact your Azure or Entra services?

What it is

At Daze, we place a great emphasis on the human element of testing and security work - automation is great for augmenting testers, but can not replace the creativity or customer interactions that you get from having a human present.

Our Azure Continuous Security testing is a mix of both. It is driven manually by security researchers that constantly hunt for new vulnerabilities in your environment, who are supported by custom in-house automation and tooling that is tuned to each environment.

This provides the best of both worlds - customers can have consistent validation that various classes of issues are not present in their environment, and also have a human researcher that will constantly test new techniques and hunt for issues specific to your environment.

Something like an offensive SOC, if you will.

How it works

Setup:

Daze uses a customer scanner that will be implemented into your environment. This is a small implementation that can be performed over a lunch break.

Daze will also be given a read-only user in your environment for research and testing.

Onboarding:

Daze will onboard to your specific environment. This includes settings scope and rules of engagement, as well as general onboarding.

Testing:

Security testing will begin after onboarding Daze. This is a low-intensity continuous activity that wont disrupt your normal operations.

This is where the magic happens, and every environment is different. During the onboarding phase, we agree on what types of issues should be reported during testing. One of the benefits of a hybrid service such as ours is the flexibility to tune the types of issues that should be reported to be "architecturally aware", instead of relying solely on the naive output from a tool.

At this point, you can lower your shoulders and forget about us, except for our check ins.

Continuous Reporting:

In a normal test, you get a report and a list of findings at the end of the test. In a continuous-style test, there is no end, so you also need continuous reporting.

Daze offers several options for continuous reporting of issues identified during our testing. Get in contact if you would like to hear more, and explore how you can integrate our reporting into your normal operations.