Not Monitored
Tag not monitored by Microsoft.
43,919 questions
Azure "certification" that Azure SW, used by customers, is checked to only contain approved code
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 1%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Jeff Calotta
1
Reputation point
In the Spirit of Zero Trust, Azure customers are asking for Azure "certification" that Azure software, for customer use, has a level of Zero Trust "certification".
What Azure "certifications" are available to share with customers that Azure SW, used by customers, has been scanned and is free of "solarwind" type and other issues ?
Is there Azure "certification" that Azure SW, used by customers, is checked to only contain approved code (eg SaST, Static Application Security Testing ) ?
Customer Need: Avoid a "SolarWinds" problem of Azure SW containing un-authorized capability.
How does the customer know the Azure SW is "certified" free of "bad stuff" ?
Azure Use Case# 1 : Azure SW Discovery and Assessment. Customer is considering use of Azure SW (agentless and server installed versions) for discovery / assessment of customer's on-prem environment.
Azure Use Case#2: Azure SW Migrate. Customer is considering use of Azure SW to migrate from on-prem to Azure (Apps, Data, Web Aps, etc)
Thanks
Not Monitored
Sign in to answer