Assessment: Upgrade CSPM Azure Benchmark from CIS v2.0.0 → v4.0.0

[uri-weisman]

Goal:

Evaluate the impact of upgrading CIS Microsoft Azure Foundations Benchmark v2.0.0 to v4.0.0, and define the implementation scope.

• Review CIS v4.0.0 vs. v2.0.0.
• Identify newly introduced rules (Databricks, Entra ID, PAM, logging, network security, etc.).
• Identify required changes for existing rules.
• Highlight coverage gaps in the current AZURE CSPM rule set (RULES.md, “Full Table”).

DOD:

• Gap analysis: list of new/changed rules in v4.0.0.
• Effort estimate for Cloudbeat implementation.
• Risks, blockers, and open questions documented.

References:

• Product Epic: https://github.com/elastic/security-team/issues/13299

[romulets]

Assessed complexity of new rules based on the already provided spreadsheet and pinged product