Safeguard
Application Security

Top 10 Azure security risks and prevention

Real Azure breaches — BlueBleed, ChaosDB, OMIGOD, Midnight Blizzard — trace back to storage misconfigs, identity sprawl, and exposed secrets, not zero-days.

Michael
Cloud Security Architect
7 min read

In October 2022, researchers at SOCRadar found an unsecured Azure Blob Storage endpoint that had exposed contract and purchase-order data belonging to more than 65,000 organizations across 111 countries — one misconfigured storage bucket, no exploit required. Fourteen months later, the Russian state-sponsored group Midnight Blizzard got into Microsoft's own corporate email by password-spraying a legacy, non-production OAuth test application that still had elevated access to the tenant. Azure now runs workloads for a large share of the Fortune 500, which makes it a high-value target, but the incidents that actually land rarely involve zero-days. They involve open storage, over-permissioned identities, unpatched default agents, and secrets sitting in logs or repos for months. Below are the ten Azure security risks that show up most often in real breach reports, with the CVEs, dates, and root causes behind each, and what stops them before they reach production.

What is the leading cause of Azure data breaches?

Publicly exposed storage accounts and overly permissive network rules cause more Azure breaches than any software vulnerability. The clearest example is the "BlueBleed" incident SOCRadar disclosed on October 19, 2022: a misconfigured Azure Blob Storage endpoint tied to Microsoft's own Bulk Email Protection and other systems left customer contracts, PII, and internal documents from 65,000+ companies readable to anyone with the URL. The root cause was mundane — a storage container set to public read access instead of private, a configuration change nobody audited. The same pattern applies to Network Security Groups (NSGs): Azure denies all inbound traffic by default at priority 65500, but administrators routinely add temporary "Allow Any/Any" rules for troubleshooting on ports like 22, 3389, or 1433 and never remove them, leaving management ports internet-facing for months.

Why does Azure identity and access management cause the most damage per incident?

Because a single over-privileged identity or forgotten test app can grant an attacker tenant-wide reach without tripping a single malware alert. Microsoft's own January 2024 disclosure of the Midnight Blizzard intrusion is the textbook case: the actor used a low-volume password spray in November 2023 to compromise a legacy, non-production test tenant OAuth application, then used the elevated permissions that app retained to pivot into corporate Exchange Online mailboxes, including those of senior leadership and security staff. Separately, in the Storm-0558 campaign disclosed in July 2023, a Chinese state-sponsored actor obtained a Microsoft Services Account (MSA) consumer signing key and used it to forge authentication tokens, accessing Exchange Online and Outlook.com email for roughly 25 organizations, including U.S. federal agencies, without ever needing valid Azure AD (Entra ID) credentials. Both cases trace back to identity material — an app registration, a signing key — that outlived its purpose and kept broad access no one was actively reviewing.

How do exposed secrets in Azure pipelines and CLI tools lead to compromise?

Secrets get exposed because build tools and CI/CD systems log credentials in plaintext by default, and those logs are often more accessible than the resources they protect. CVE-2023-36052, disclosed in November 2023 with a CVSS score of 8.6, is a direct example: the Azure CLI's az commands could print storage account keys, SAS tokens, and other secrets in plaintext to command output, which then landed unredacted in Azure DevOps and GitHub Actions build logs — logs that build reviewers, contractors, or anyone with pipeline read access could see. Because Azure DevOps pipelines commonly hold service connection credentials with contributor or owner rights on subscriptions, a leaked token from a single CI run can translate into full resource-group compromise. This is the same class of risk as hardcoded connection strings in App Configuration or Key Vault references checked into source control — the secret works exactly as designed for automation, which is precisely why it's valuable to an attacker who finds it.

What makes Azure Kubernetes Service and Linux VM agents a target?

AKS and Azure VM workloads are targeted because Azure auto-installs management agents with high privilege by default, and a flaw in one of those agents compromises every VM that has it. The canonical case is OMIGOD (CVE-2021-38647), disclosed by Wiz researchers in September 2021 with a CVSS score of 9.8: the Open Management Infrastructure (OMI) agent was silently and automatically installed on Linux VMs whenever customers enabled common services like Azure Automation, Log Analytics, Azure Insights, or Azure Automatic Update — and a flaw in OMI's HTTPS listener let an unauthenticated attacker execute code as root over the network. Most affected customers didn't know the agent was running because it was installed as a side effect of enabling an unrelated Azure service. AKS clusters carry a parallel risk in Kubernetes RBAC: default service accounts and cluster-admin bindings left in place from initial setup let a single compromised pod escalate to full cluster control, a misconfiguration that shows up repeatedly in cloud security posture assessments of AKS environments.

How exposed is the Azure software supply chain to upstream flaws?

The Azure supply chain is exposed anywhere a managed service quietly runs customer code with shared or excessive privilege, and the ChaosDB vulnerability is the clearest proof. Wiz researchers disclosed ChaosDB in August 2021 after finding that the Jupyter Notebook feature built into Azure Cosmos DB's visualization tooling had a flaw letting any user retrieve other customers' primary access keys — keys that granted full read/write/delete control over their Cosmos DB databases. Microsoft's own notification to customers indicated the exposure had existed for years and affected thousands of Azure customers, including many listed in the Fortune 500, none of whom had done anything wrong on their end; the flaw lived entirely in Microsoft's managed service. The lesson for supply chain risk is the same one that applies to open-source dependencies: a vulnerability several layers below your application code, in infrastructure you don't control and can't patch yourself, can still fully compromise your data.

Why does insufficient logging let Azure attacks go undetected for months?

Azure attacks go undetected because diagnostic logging and Microsoft Entra sign-in logs are opt-in for many resource types, and retention on the free tiers is short. Storage account diagnostic logs, for instance, are not enabled by default — an attacker who lists or downloads blobs from a misconfigured container, as happened in the BlueBleed exposure, may leave no trace at all unless logging was explicitly turned on beforehand. Microsoft Entra ID's free tier retains sign-in and audit logs for only 7 days, which is well short of the median attacker dwell time reported across cloud intrusions; Midnight Blizzard's access, by Microsoft's own account, went unnoticed for weeks after the initial November 2023 compromise. Without centralized log export to a SIEM, retention long enough to cover realistic dwell times, and alerting tied to anomalous sign-ins or storage access patterns, security teams are reconstructing an incident from whatever fragments happen to still exist rather than catching it in progress.

How Safeguard Helps

Safeguard maps the Azure risks above back to what's actually exploitable in your environment instead of leaving teams to triage every finding manually. Reachability analysis traces whether a vulnerable dependency, exposed secret, or misconfigured service — like an unpatched OMI agent or an over-permissioned DevOps service connection — is actually invoked by code your workloads run, cutting through the noise that makes teams ignore scanner output in the first place. Griffin AI, Safeguard's autonomous triage engine, correlates identity, storage, and pipeline findings across your Azure estate to prioritize the handful that represent real attack paths, such as a public storage container paired with a service principal that has write access to it. Safeguard also generates and ingests SBOMs so you have an accurate inventory of what's running in every Azure resource when the next Cosmos DB– or OMI-style flaw drops, and it opens auto-fix pull requests for issues like leaked credentials in pipeline configs or overly broad NSG rules, so the fix ships in the same PR workflow your engineers already use — closing the gap between finding a risk and actually remediating it.

Never miss an update

Weekly insights on software supply chain security, delivered to your inbox.