Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?


Failed to load latest commit information.
Latest commit message
Commit time
May 19, 2022 10:32
June 17, 2023 02:22
April 20, 2023 14:00
November 1, 2023 16:54
June 15, 2023 10:46
June 22, 2023 14:52
September 21, 2023 09:55
April 19, 2021 18:39
July 6, 2022 12:44
April 15, 2022 16:31

The Azure Tenant Security Solution (AzTS) was created by the Core Services Engineering & Operations (CSEO) division at Microsoft, to help accelerate Microsoft IT's adoption of Azure. We have shared AzTS and its documentation with the community to provide guidance for rapidly scanning, deploying and operationalizing cloud resources, across the different stages of DevOps, while maintaining controls on security and governance.
AzTS is not an official Microsoft product – rather an attempt to share Microsoft CSEO's best practices with the community.

Azure Tenant Security Solution (AzTS)

On this page:


The Azure Tenant Security Solution (AzTS) from the AzSK team can be used to obtain visibility to cloud subscriptions and resource configuration across multiple subscriptions in an enterprise environment. The AzTS is a logical progression of DevOps Kit which helps us move closer to an implementation of cloud security compliance solution using native security capabilities in Azure platform that are available today. Functionally, it is similar to running AzSK Continuous Assurance (CA) in central-scan mode.

Why Azure Tenant Security Solution?

The AzTS Solution was created with the following explicit objectives (some of which were harder to accomplish using the existing Automation-based Continuous Assurance approach):

  • Ability to scan large number of subscriptions in a central scan model in a cost-effective and time-efficient manner
  • Being able to scale scanning capability up or down without externally imposed constraints (e.g., runbook memory, runtime limits)
  • Speeding up our effort to transition to native features (being able to respond to changes in Azure more rapidly and deploy modifications to controls)
  • Enable incremental transition of our controls from custom code to Azure/MDC policy-based approach (using MDC/policy-based controls where available today and continue to migrate as more controls become available)

Back to top…


For any feedback contact us at:


No description, website, or topics provided.







No releases published


No packages published