Collection of Azure Resource Manager templates to deploy Azure security baseline services.

Network Security Baseline for Azure Kubernetes Service (AKS)

This repository contains a baseline configuration for a Windows Active Directory Forest based on the Enhanced Security Administrative Environment principles. The domain is managed remotely via pull request utilizing PowerShell Desired State Configuration (Infrastructure As Code). This environment is Windows Azure Hybrid ready and supports domain-less desktop management through Azure AD Device Writeback.

Security configuration scripts based on Azure Defender Recommendations

Contains Azure Policies to help establish a security baseline for resources.

A repository for deploying Azure Red Hat OpenShift (ARO) and Azure OpenAI within a secure baseline, ensuring full privacy and security compliance.

Turnkey scripts to build a Windows-on-ARM (Surface) dev box: latest runtimes (Python/Node/Go/Rust/.NET/JDK), VS Code Insiders, Docker, WSL/Ubuntu, AWS/Azure/gcloud/Terraform/Packer. Includes performance & security baseline, Dev Drive caches, power-plan auto toggle, tests, and .NET upkeep.

Azure Security Baseline

This repository provides a complete security baseline checklist, compliance automation using Azure Policy, and remediation scripts. It also includes playbooks and ARM templates for enforcing compliance with standards like GDPR, HIPAA, PCI-DSS, and more.

Portal-only Azure RBAC baseline using Entra ID security groups and RG-scoped least privilege (AZ-104 aligned)

I created an Azure-based Active Directory project to showcase system hardening and compliance alignment. By deploying a Windows Server 2025 Domain Controller, applying baseline GPOs, and mapping them to NIST SP 800-53 RMF controls, I demonstrated hands-on skills in AD management, Windows security, and compliance workflows.

Azure Security Baselines

This repo is a reference implementation for building a secure Azure environment following cloud security practices and real-world enterprise controls. This project demonstrates how to design, deploy, and enforce a cloud security posture across Azure using Infrastructure as Code, Azure Policy, Defender for Cloud, and automated remediation.

No description available

Terraform-provisioned Azure environment that audits itself — NSG analysis, Defender for Cloud, Entra ID logging, and automated findings reporting

No description available

No description available

Bicep-based Azure Security Baseline (Defender, Sentinel, Policy-as-Code)

No description available

A DSC composite module to secure a Windows server to the Azure Security Baseline

Azure Security Baseline Checker (Python)

Deploys Azure AI Foundry using the Azure AI Baseline Reference Architecture, following best practices for networking, security, and model integration. It provisions infrastructure for chatting over data using Azure AI Search, event-driven processing for indexing, Bicep for IaC, and testing in the Playground interface.

harvey-nash-azure-security-baseline-poc

No description available

Azure Policy, security baselines, RBAC, and CIS benchmark automation for Azure Local

Mini security baselines: AWS Terraform, Azure HIPAA policy, E8 PowerShell & Docker CIS playbook

Automated deployment of an Azure Kubernetes Service cluster configured with Azure Policy for enforcing security baselines (Zero-Trust).

Production-ready Terraform security baseline for AWS/Azure environments. Focus on CIS Benchmarks & N8 Compliance.

🛡️ Comprehensive Azure cloud security hardening guide with CIS benchmarks, security baselines, Terraform templates, and compliance frameworks for enterprise environments.

Azure Monitor Workbook and KQL queries for tracking security baseline coverage in Microsoft Defender for Cloud