CISO Security KitCloudAI CISO

Azure Activity Log Analysis

Azure control-plane activity log review for suspicious RBAC changes, resource tampering, and diagnostic drift.

What this skill does

Azure Activity Log Analysis is a versioned playbook inside the CISO Security Kit. It runs on the AI CISO agent through the Procux skill runtime, producing structured, auditable output suitable for executive review and regulator submission.

Kit: CISO Security Kit
Category: Cloud
Primary agent(s): AI CISO
Tags: cloud, azure, activity-log, rbac

How to use it

Sign in to your Procux workspace and open the platform dashboard.
Pick the AI CISO agent, then pick Azure Activity Log Analysis from the CISO Security Kit catalog.
Provide the required inputs (repo, document, endpoint, jurisdiction) — the agent runs the playbook and returns a structured report.
Review, iterate, or export (PDF / JSON / Markdown) as part of your internal review cycle.

Related skills

API Gateway Access Analysis
Review API gateway authentication, rate limits, throttling, and access logs across AWS, Azure, and GCP providers.
AWS CloudTrail Threat Hunting
Detection hunts over CloudTrail management + data events: privilege escalation, impossible travel, key exfiltration.
GCP Audit Log Review
Google Cloud audit log triage: IAM changes, service account abuse, data access events, VPC flow anomalies.

← Back to full catalog