detecting-azure-storage-account-misconfigurations

Audit Azure Blob and ADLS storage accounts for public access exposure, weak or long-lived SAS tokens, missing encryption at rest, disabled HTTPS-only traffic, and outdated TLS versions using the azure-mgmt-storage Python SDK.

mukul975/Anthropic-Cybersecurity-Skills|Updated May 25, 2026

Works with

Claude CodeCursorClineWindsurf

Installation Guide

Select your AI agent

How to use detecting-azure-storage-account-misconfigurations on Cursor

AI-first code editor with Composer

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

›Cursor installed and configured on your machine
›Node.js 16+ with npm — verify with node --version
›Active project directory where you want to add detecting-azure-storage-account-misconfigurations

Run the install command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills install mukul975/Anthropic-Cybersecurity-Skills/detecting-azure-storage-account-misconfigurations

Fetches detecting-azure-storage-account-misconfigurations from mukul975/Anthropic-Cybersecurity-Skills and configures it for Cursor.

Select Cursor when prompted

The CLI shows a list of agents. Use arrow keys and space to select Cursor:

◆ Which agents do you want to install to?

│

│ ── Universal (.agents/skills) ────────────────

│ · Cline · Codex · Goose · Windsurf

│ ●Cursor(selected)

│ · Cursor · Aider · Continue

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/detecting-azure-storage-account-misconfigurations

Restart Cursor to activate detecting-azure-storage-account-misconfigurations. Access via /detecting-azure-storage-account-misconfigurations in your agent's command palette.

⚠

Security Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.

›View source on GitHub ›Skills CLI docs ›About Cursor ›What are agent skills?

Documentation

List & Monetize Your Skill

Submit your Claude Code skill and start earning

Get started →

Use Cases

Task Automation & Efficiency

Automate repetitive workflows and reduce manual effort

Example

Generate reports, summarize documents, draft communications

✓

Save 3-5 hours per week on routine tasks

Knowledge Enhancement

Learn new skills, understand complex topics, get expert guidance

Example

Explain concepts, provide examples, suggest learning resources

✓

Accelerate learning and skill development by 2x

Quality Improvement

Enhance output quality through reviews, suggestions, and refinements

Example

Review drafts, suggest improvements, catch errors

✓

Improve work quality by 30-40% with less effort

Overview

Azure Storage accounts are a frequent target for attackers due to misconfigured public access, long-lived SAS tokens, missing encryption, and outdated TLS versions. This skill uses the azure-mgmt-storage Python SDK with StorageManagementClient to enumerate all storage accounts in a subscription, inspect their security properties, list blob containers for public access settings, and generate a risk-scored audit report identifying critical misconfigurations.

When to Use

When investigating security incidents that require detecting azure storage account misconfigurations

When building detection rules or threat hunting queries for this domain

When SOC analysts need structured procedures for this analysis type

When validating security monitoring coverage for related attack techniques

Key Detection Areas

Public blob access — allow_blob_public_access enabled on storage account or individual containers set to Blob/Container access level

HTTPS enforcement — enable_https_traffic_only disabled, allowing unencrypted HTTP traffic

Minimum TLS version — accounts accepting TLS 1.0 or TLS 1.1 instead of minimum TLS 1.2

Encryption at rest — storage service encryption not enabled or missing customer-managed keys

Network rules — default action set to Allow instead of Deny, exposing storage to all networks

SAS token risks — account-level SAS with overly broad permissions or excessive lifetime

name	detecting-azure-storage-account-misconfigurations
description	Audit Azure Blob and ADLS storage accounts for public access exposure, weak or long-lived SAS tokens, missing encryption at rest, disabled HTTPS-only traffic, and outdated TLS versions using the azure-mgmt-storage Python SDK.
domain	cybersecurity
subdomain	cloud-security
tags	- Azure - storage-accounts - blob-storage - ADLS - SAS-tokens - encryption - public-access - cloud-misconfiguration - azure-mgmt-storage
version	'1.0'
author	mahipal
license	Apache-2.0
nist_ai_rmf	- MEASURE-2.7 - MAP-5.1 - MANAGE-2.4
atlas_techniques	- AML.T0070 - AML.T0066 - AML.T0082
nist_csf	- PR.IR-01 - ID.AM-08 - GV.SC-06 - DE.CM-01

detecting-azure-storage-account-misconfigurations

Installation Guide

How to use detecting-azure-storage-account-misconfigurations on Cursor

Prerequisites

Run the install command

Select Cursor when prompted

Verify installation

Security Notice

Documentation

List & Monetize Your Skill

Use Cases

Task Automation & Efficiency

Knowledge Enhancement

Quality Improvement

Install Skill

Detecting Azure Storage Account Misconfigurations

Overview

When to Use

Prerequisites

Key Detection Areas

Output

Implementation Guide

Best Practices

When to Use This

Learning Path

Related Skills

analyzing-ransomware-encryption-mechanisms

performing-cryptographic-audit-of-application

exploiting-deeplink-vulnerabilities

implementing-soar-playbook-with-palo-alto-xsoar

analyzing-network-traffic-with-wireshark

scanning-docker-images-with-trivy

Reviews

Discussion