Microsoft Identity Manager 2016 - Penetration Testing Report

Karthikeyan Parthasarathy 21 Reputation points
2020-09-15T13:38:26.09+00:00

Hi

We are planning to migrate to MIM 2016. As part of the security assessment, we are looking for penetration report for MIM, services and MIM Portal. I found a pen test report from last year dated 2019/06/13 for the Azure environment in the below URL:

https://servicetrust.microsoft.com/ViewPage/TrustDocumentsV3?command=Download&downloadType=Document&downloadId=77d560f0-7374-45d2-87a2-21e2ab756f7f&tab=7f51cb60-3d6c-11e9-b2af-7bb9f5d2d913&docTab=7f51cb60-3d6c-11e9-b2af-7bb9f5d2d913_Pen_Test_and_Security_Assessments

I would like to know if there is latest report that is available for this year?

Thanks
Karthik

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,640 questions
0 comments No comments
{count} votes

Accepted answer
  1. Shashi Shailaj 7,581 Reputation points Microsoft Employee
    2020-09-17T15:26:12.997+00:00

    @Karthikeyan Parthasarathy ,

    The services trust portal holds the audit and compliance reports for Microsoft Cloud Services. At this point the Azure commercial penetration test report which you have downloaded is the one present for auditing azure cloud services as a whole. The report was updated on 11th nov 2019 and published on 7th feb on the services trust portal . There is no new report published for azure commercial after that date.

    As for your original request about Micorosft Identity Manager 2016 , we do not have a pen testing report for this product which can be shared publicly . Internal audits and checks are done using strict Security development practices for all of our products and MIM 2016 goes through the same rigorous checks. I would suggest you to install all the latest updates for the Microsoft Identity Manager 2016 and you should not see any issues. However considering the world of cybersecurity nothing is 100% secure and if you find anything in your audit/pen testing of MIM 2016 components , we would request you to report it to our Microsoft Security Response Center and we will help you with the same.

    25643-image.png

    You can raise an issue on the MSRC portal using the link as shown above if you find something problematic in your private audit of the product . At this point , unfortunately we do not have any public report on MIM 2016 to share on this with you . Hope this clarifies your query. In case the information is helpful , please do accept the post as answer so that it helps other members of the community with similar questions. Should you have any further questions on this, do let us know and we will be happy to help further.

    Thank you.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful