NNSEC

[ PLATFORM // MICROSOFT_AZURE ]

Security for Azure.
Entra to data plane.

Subscription and management-group visibility across Entra ID, Defender, Policy, and network — without Contributor write paths.

50+ subscriptions · Hourly policy eval · Read-only Graph queries

Full coverage
azure://defender.secure-score · READ-ONLY

Secure score 84 · +6 vs baseline

Entra: 3 global admins · CA policy missing for legacy auth

[ DOMAINS // COVERAGE ]

What we assess in Microsoft Azure.

Platform-native domains — not a generic cloud checklist pasted from another provider.

Entra ID

Conditional access gaps, privileged roles, guest risks.

Defender for Cloud

Secure score, regulatory compliance bundles.

Network

NSGs, Azure Firewall rules, exposed PaaS endpoints.

Storage

Blob public access, encryption, soft-delete settings.

Key Vault

Access policies, purge protection, logging.

Policy

Initiative compliance drift per subscription.

PaaS SQL / App

TLS versions, managed identity usage.

Activity logs

Diagnostic settings to Log Analytics completeness.

[ RUNBOOK // ONBOARDING ]

Onboarding preview from checklist.

Steps align with NNSEC_Onboarding_Checklist — full runbook generates after discovery wizard.

  1. App registration: Read-only custom role at management group scope.
  2. Consent + audit: Admin grants API permissions; NNSEC logs grant event.
  3. Scope subs: Tag-based inclusion for prod vs lab.
  4. Defender sync: Import recommendations and secure score trend.
  5. Posture dashboard: OCSF-normalized findings with resource ARM IDs.
  6. Evidence export: SOC 2 control attachments auto-linked.

[ TOOLING // OSS ]

Tools we deploy and integrate.

Open-source and native cloud APIs — no proprietary agent required unless noted for on-prem.

Defender for Cloud
Azure Policy
Entra ID
NSG Flow Logs
Key Vault diagnostics
Resource Graph

Connector · Service principal with least-privilege role definitions — no write operations.

[ COMPLIANCE // MAP ]

Framework mapping for Microsoft Azure.

Evidence exports attach findings to auditor-friendly control IDs.

CIS Azure

CIS · ISO A.8

SOC 2 CC6.1

Logical access

NIS2

EU incident readiness

[ TIERS ]

Connector included by tier

foundation · $3,500
growth · $5,000
scale · $8,000
enterprise · $12,000

Customer story

Secure score +24

SaaS vendor unified 12 subscriptions under one NNSEC retainer.

SaaS

FAQ

Never — Reader + security-specific read data actions only.

Connect Microsoft Azure to NorthSec AI

Full coverage · read-only · per-tenant KMS