We’re changing the way consultants assess Azure Subscriptions and detect Attack Paths.
All you need is “Reader” access to an Azure Subscription and a few minutes time, that’s it, nothing more.
In The Olden Days
Typically, as consultants being tasked with a security assessment of an Azure Subscription we would have manually clicked around the Azure Portal trying to find issues. If we were lucky, the customer had Defender for Cloud enabled in their environment which would give us somewhere to start from.
We might have also used some custom PowerShell and bash scripts, maybe some Open Source tools, ranging from well-maintained to completely abandoned.
Overall, getting to the point where the human experience needs to take over and actually “connect the dots” and start having conversations with the customer, that used to take a long time.
The ARGOS Way
All of that effort we now kiss good-bye. In ARGOS, we now only need an Azure Access Token to execute an assessment of an environment.
In really only 60 seconds you will configure an assessment and can then go do something else. ARGOS will notify you via email once the scan is complete.
Step 1: Go to https://app.argos-security.io/oneOffScan and fill in the Entra domain the Subscription is a part of. (this assumes you already registered for an ARGOS account)
Step 1.1: Get the Azure Access Token (via PowerShell or Azure CLI). Make sure you have logged in before.
(Get-AzAccessToken).Token | Set-Clipboard
Or
az account get-access-token | jq .accessToken
Step 2: Paste this token into ARGOS and select one or many Azure Subscriptions or Management Groups. Once “Start Scan” is selected things will just happen in the background.
Review Azure Attack / Lateral Movement Paths
When the scan is complete you will receive an email from ARGOS with the subject “ARGOS – Azure scan completed”.
Now you can download the Word report or go straight back to the ARGOS dashboard and review resource vulnerabilities by interpreting the architecture diagrams in ARGOS clearly highlighting attack and lateral movement paths across network and identities.
Our customers are telling us that they now have much more meaningful conversations with their customers and had to put in much less effort to get to that point.
Test It Yourself - For FREE
Are you already salivating over this and want to test this yourself?
Head to https://app.argos-security.io/register to sign up for your completely free trial. It will allow you to scan a single Azure Subscription for free. You will get the full report, and access to the diagrams.