Security

116
Total Pages
38
Linux-Friendly Pages
78
Pages with Bias
67.2%
Bias Rate

Bias Trend Over Time

Pages with Bias Issues

380 issues found
Showing 251-275 of 380 flagged pages
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/antimalware.md ...lob/main/articles/security/fundamentals/antimalware.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools Powershell Heavy
Summary
The documentation is heavily biased towards Windows environments. All deployment, configuration, and removal instructions are specific to Windows Server and Windows-based Azure VMs. Only Windows operating systems are supported, and all examples use Windows-centric tools such as PowerShell and Visual Studio. There are no instructions, examples, or guidance for Linux VMs, and Linux is explicitly listed as unsupported. The documentation assumes the reader is using Windows and does not mention or provide alternatives for Linux users.
Recommendations
  • Clearly state at the beginning that Microsoft Antimalware for Azure does not support Linux, and suggest alternative antimalware solutions for Linux VMs in Azure.
  • If any Azure-native antimalware or endpoint protection solutions exist for Linux, provide links and brief instructions for those.
  • Where possible, provide parity in documentation by including Linux equivalents or explicitly noting the lack of support, so Linux users are not left without guidance.
  • Reduce the exclusive use of PowerShell and Visual Studio in examples; if cross-platform CLI or REST API options exist, document those as well.
  • Add a comparison table or section summarizing antimalware options for both Windows and Linux in Azure, with links to relevant documentation.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-input-validation.md ...urity/develop/threat-modeling-tool-input-validation.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example Powershell Heavy
Summary
The documentation exhibits a strong Windows and .NET bias. All code examples are in C# or T-SQL, and configuration snippets reference Windows/IIS-specific files (e.g., web.config). References and steps frequently mention Windows technologies (MSXML, IIS, http.sys, Win32 APIs) and Microsoft-centric frameworks (ASP.NET, WCF, MVC), with little to no mention of Linux, cross-platform, or open-source equivalents. There are no examples or guidance for Linux-based stacks (e.g., Apache, Nginx, Java, Python, Node.js), and mitigation steps are often tied to Windows-specific tools or patterns.
Recommendations
  • Provide equivalent examples for Linux-based web servers (e.g., Apache, Nginx) and frameworks (e.g., Django, Flask, Express.js, Spring).
  • Include configuration steps for setting security headers (like X-Content-Type-Options) in non-IIS environments (e.g., Apache .htaccess, Nginx config, Node.js middleware).
  • Offer code samples in additional languages (such as Python, Java, JavaScript) and using cross-platform libraries.
  • Reference cross-platform XML parsers and their security settings (e.g., lxml for Python, xml.etree, Java's XML parsers, Node.js xml2js).
  • Mention open-source and cross-platform tools for file signature validation, input validation, and output encoding.
  • Clarify which recommendations are specific to Windows/.NET and provide alternative guidance for other platforms.
  • Add links to relevant Linux/open-source documentation and best practices.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/azure-CA-details.md ...ain/articles/security/fundamentals/azure-CA-details.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a mild Windows bias. In the client compatibility table, Windows is listed first, and Windows-specific scenarios (such as managing the Trusted Root CA store and disconnected environments) are described in more detail than Linux equivalents. Instructions for updating or verifying certificates on Linux are minimal and refer users to their distribution documentation, whereas Windows scenarios are described explicitly. There are no PowerShell or Windows command-line examples, but the only explicit example for managing certificates is for Java (cross-platform). There are no Linux-specific command-line examples for adding or verifying CAs.
Recommendations
  • Provide explicit Linux command-line examples for verifying and adding root certificates (e.g., using update-ca-certificates, trust, or keytool on Linux).
  • Expand the Linux section to include common certificate store paths and commands for major distributions (e.g., Ubuntu, RHEL, SUSE).
  • Balance the detail level between Windows and Linux instructions, ensuring Linux administrators have actionable steps rather than being referred to external documentation.
  • When listing OS compatibility, consider rotating or randomizing the order, or listing alphabetically to avoid implicit prioritization.
  • Include troubleshooting steps or references for common Linux certificate management issues, similar to the detail provided for Windows.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/azure-marketplace-images.md ...cles/security/fundamentals/azure-marketplace-images.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Windows Pattern In Linux Section
Summary
The documentation generally separates Linux and Windows recommendations, but there is evidence of Windows bias. In the Linux section, Windows terminology and patterns appear (e.g., 'Windows Server roles' in a Linux checklist). Windows-specific tools (like BitLocker) are mentioned in the Windows section without Linux equivalents. Some checks are more detailed for Windows (e.g., auto-update, BitLocker), while similar Linux recommendations are less explicit or missing.
Recommendations
  • Remove references to 'Windows Server roles' from the Linux checklist and ensure Linux-specific language is used.
  • For every Windows-specific tool or feature mentioned (e.g., BitLocker), provide a Linux equivalent (e.g., LUKS/dm-crypt for disk encryption).
  • Ensure parity in recommendations: if auto-update is recommended for Windows, suggest enabling unattended-upgrades or similar for Linux.
  • Where possible, provide Linux-specific examples or commands (e.g., for clearing shell history, configuring firewalls, or enabling security updates).
  • Review all checklists for cross-contamination of terminology and ensure each section is tailored to the relevant OS.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/backup-plan-to-protect-against-ransomware.md ...damentals/backup-plan-to-protect-against-ransomware.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a Windows bias by prioritizing Windows-specific tools and solutions (such as Windows Defender, Malicious Software Removal Tool, Microsoft Safety Scanner, and protected folders) when discussing malware removal and ransomware protection. Linux-specific tools or guidance are not mentioned in equivalent sections, and examples or recommendations for Linux environments are missing, despite Azure Backup supporting both Windows and Linux VMs. The guidance for endpoint protection, malware scanning, and folder protection is Windows-centric.
Recommendations
  • Include Linux-specific examples and tools for malware detection and removal (e.g., ClamAV, Sophos, or open-source EDR solutions) alongside Windows tools.
  • When discussing endpoint protection and antivirus solutions, mention cross-platform or Linux-compatible options, and provide links to relevant documentation.
  • Add guidance or references for protecting critical folders and files on Linux systems (e.g., using file permissions, immutable flags, or Linux security modules like SELinux/AppArmor).
  • Ensure that backup validation and restore procedures include Linux-specific considerations and examples, not just generic or Windows-focused steps.
  • Balance the order of presentation so that Linux and Windows are given equal prominence when listing supported platforms, tools, and best practices.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-sensitive-data.md ...ecurity/develop/threat-modeling-tool-sensitive-data.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example Powershell Heavy
Summary
The documentation exhibits a Windows bias by referencing Windows-specific tools and technologies (e.g., Encrypted File System (EFS), DPAPI, BitLocker, Windows Intune) without mentioning or providing equivalent Linux alternatives. In several sections, Windows solutions are mentioned first or exclusively, and example code/configuration is often tailored to Windows-centric frameworks (e.g., .NET, WCF, ASP.NET). There is a lack of Linux-specific examples or guidance for cross-platform parity.
Recommendations
  • For every Windows-specific technology mentioned (e.g., EFS, DPAPI, BitLocker), provide equivalent Linux alternatives (e.g., eCryptfs, LUKS/dm-crypt, GnuPG, libsecret) and explain their usage.
  • When discussing file system encryption, include both Windows (EFS, BitLocker) and Linux (LUKS, eCryptfs) options, and provide example commands or configuration for both.
  • In sections referencing DPAPI, add information about Linux key management and encryption APIs (e.g., GnuPG, OpenSSL, libsecret) for storing sensitive data.
  • For Azure Disk Encryption, clarify and provide equal detail for both Windows (BitLocker) and Linux (dm-crypt) implementations, including example commands or references.
  • Where configuration or code examples are given (e.g., web server headers, password hashing), include cross-platform or Linux/Unix examples (e.g., Apache/Nginx config, Python/Java password hashing).
  • Avoid using only .NET or Windows-centric frameworks in code samples; supplement with examples in other popular cross-platform languages (e.g., Python, Java, Node.js) where possible.
  • Reference Linux and open-source documentation alongside Microsoft/Windows links, especially for generic security concepts.
  • Review and update references to ensure parity in guidance for both Windows and Linux environments.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/code-integrity.md .../main/articles/security/fundamentals/code-integrity.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page primarily describes code integrity in the context of Windows, with detailed explanations of Windows Server 2016 features and terminology. Linux is mentioned only briefly and secondarily, with no concrete Linux examples or equivalent process descriptions. The focus on Windows tools and lack of Linux parity in examples or process details demonstrates a Windows-first bias.
Recommendations
  • Provide equivalent Linux-focused sections, describing how code integrity is enforced on Linux systems in Azure (e.g., using DM-Verity, IMA, or SELinux).
  • Include Linux-specific examples and workflows for setting up and validating code integrity policies, similar to the detailed Windows description.
  • Mention Linux tools and terminology alongside Windows tools, not just as a brief aside.
  • Ensure that any references to audit modes, deployment safety, and incident response also cover Linux scenarios and tools.
  • Consider a comparative table or section that outlines both Windows and Linux approaches to code integrity in Azure.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/antimalware-code-samples.md ...cles/security/fundamentals/antimalware-code-samples.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Powershell Heavy 🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation exclusively provides PowerShell code samples and references to Windows-centric tools and file paths (e.g., C:\path\to\file.xml, .exe processes, Windows-style exclusions). There are no examples or instructions for Linux VMs or cross-platform approaches, and all configuration and extension management is shown only via Windows/PowerShell paradigms. Linux support or parity is not mentioned or demonstrated.
Recommendations
  • Add equivalent Bash/CLI/ARM template examples for Linux VMs, showing how to enable and configure antimalware (or note if not supported).
  • Explicitly state platform support and limitations for Microsoft Antimalware (e.g., if only available for Windows VMs, clarify this early in the documentation).
  • Provide guidance or links for Linux security best practices in Azure, such as using Microsoft Defender for Endpoint on Linux or other supported antimalware solutions.
  • When showing file paths and process names, clarify if these are Windows-specific, and provide Linux equivalents where applicable.
  • Balance the order of presentation so that Linux and Windows approaches are given equal prominence if both are supported.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/encryption-customer-managed-keys-support.md ...ndamentals/encryption-customer-managed-keys-support.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation page is a service matrix listing Azure services that support customer managed keys (CMKs), with links to service-specific documentation. While the page itself is largely platform-neutral, there are subtle signs of Windows bias: some database entries (e.g., SQL Server on Azure VM, SQL Server on Virtual Machines) link specifically to Windows-focused documentation (e.g., /virtual-machines/windows/sql/), and the linked documentation for disk encryption and SQL Server often prioritizes or exclusively covers Windows scenarios. There are no explicit Linux or cross-platform examples or links for these services, and Linux parity is not highlighted.
Recommendations
  • For services like SQL Server on Azure VM and Virtual Machines, include links to both Windows and Linux documentation where available (e.g., /virtual-machines/linux/sql/).
  • Where disk encryption is discussed, ensure that both Windows and Linux VM scenarios are referenced and linked equally.
  • Add explicit notes or columns indicating Linux support or parity for CMK features, especially for services that are available on both platforms.
  • Audit linked documentation to ensure Linux examples and instructions are present and as prominent as Windows ones.
  • Consider adding a section or callout summarizing Linux support for CMKs across Azure services.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/data-encryption-best-practices.md ...ecurity/fundamentals/data-encryption-best-practices.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias. While it mentions both Linux and Windows in some areas (e.g., disk encryption), Windows tools, patterns, and terminology are often presented first or exclusively. There is a strong emphasis on Microsoft-centric solutions (e.g., BitLocker, privileged access workstation) with little or no mention of Linux-native or cross-platform alternatives. Examples and guidance for Linux users are minimal or missing in several sections.
Recommendations
  • Provide parallel Linux examples and tooling references wherever Windows or PowerShell tools are mentioned (e.g., include Linux secure workstation models, Linux-native encryption tools).
  • When listing options (such as disk encryption), alternate the order or present Linux and Windows solutions together rather than always listing Windows first.
  • Expand on Linux-specific best practices for secure management workstations, endpoint protection, and certificate deployment.
  • Include sample commands or scripts for both Bash (Linux) and PowerShell (Windows) where relevant.
  • Reference open-source or cross-platform tools and patterns where possible, not just Microsoft/Windows-centric solutions.
  • Ensure that all sections (such as secure workstation, endpoint protection, and certificate management) address both Linux and Windows environments equally.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/identity-management-best-practices.md ...ity/fundamentals/identity-management-best-practices.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation demonstrates a Windows bias by exclusively referencing Windows-centric tools and concepts (such as Active Directory, Microsoft Entra Connect, and Privileged Access Workstations), and by omitting Linux or cross-platform equivalents for identity management, authentication, and privileged access. There are no examples or guidance for Linux-based environments, and Windows patterns are assumed as the default throughout.
Recommendations
  • Include examples and guidance for integrating Linux-based identity providers (such as LDAP, FreeIPA, or SSSD) with Azure and Microsoft Entra ID.
  • Provide parity in privileged access workstation recommendations by mentioning secure Linux workstation configurations and hardening guides.
  • Discuss cross-platform authentication agents and tools (e.g., Azure CLI, Microsoft Entra authentication libraries) that work on Linux and macOS, not just Windows.
  • Reference Linux-compatible password protection and self-service password reset solutions, or clarify limitations.
  • Add explicit notes or sections for organizations with predominantly Linux or mixed-OS environments, outlining best practices and supported scenarios.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/database-security-checklist.md ...s/security/fundamentals/database-security-checklist.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific protocols (TDS), linking to Windows Server documentation for TLS, and omitting Linux or cross-platform tooling and examples. There are no mentions of Linux-based tools, command-line examples, or guidance for non-Windows environments, which may leave Linux users without clear instructions.
Recommendations
  • Include Linux-specific or cross-platform examples for configuring security features (e.g., using Azure CLI, Bash, or cross-platform tools).
  • Reference cross-platform documentation for protocols like TLS, not just Windows Server-specific pages.
  • Mention and provide guidance for connecting to Azure SQL Database from Linux environments (e.g., using sqlcmd, Azure Data Studio, or ODBC on Linux).
  • Balance protocol and tool references by including both Windows and Linux equivalents where applicable.
  • Add explicit notes or sections addressing Linux users and their typical workflows.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/encryption-overview.md .../articles/security/fundamentals/encryption-overview.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias. Windows-specific tools, protocols, and examples (such as SMB 3.0, RDP, and PowerShell) are mentioned more frequently, often before or instead of Linux equivalents. PowerShell is highlighted as a configuration method for VPNs, while Linux command-line or scripting alternatives are not equally represented. Some sections provide Windows-specific library/package references (e.g., .NET NuGet for client-side encryption) with only brief or secondary mention of Java, and there is little to no mention of Linux-native tools or workflows for encryption tasks. Where Linux is mentioned (e.g., SSH access), it is often after the Windows approach or in a less detailed manner.
Recommendations
  • Provide Linux/Unix command-line examples (e.g., Bash, Azure CLI) alongside or before PowerShell examples for configuring encryption and VPNs.
  • Include references to Linux-native tools and libraries for client-side encryption (such as Python SDKs, OpenSSL usage, or Linux file encryption utilities).
  • When describing protocols like SMB or RDP, clarify cross-platform support and provide Linux client/server usage instructions where applicable (e.g., using smbclient, xrdp, or remmina).
  • Balance the order of presentation so that Linux and Windows approaches are given equal prominence and detail.
  • Add explicit Linux configuration walkthroughs for common scenarios (e.g., setting up encrypted disks, configuring VPN connections, or using Azure Key Vault from Linux environments).
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/hypervisor.md ...blob/main/articles/security/fundamentals/hypervisor.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by focusing exclusively on Windows Hyper-V as the hypervisor technology, referencing Windows-specific security features and tools (such as Hyper-V, VBS, and Windows kernel APIs), and omitting any mention of Linux-based hypervisors or Linux guest/host scenarios. There are no examples or references to Linux tools, patterns, or equivalent security mechanisms.
Recommendations
  • Include references to Linux-based hypervisors (e.g., KVM, Xen) where relevant, or clarify if Azure exclusively uses Hyper-V.
  • Provide examples or explanations of how Linux guests are secured on Azure, including any differences in security boundaries or mitigations.
  • Mention Linux-specific security features or tools that interact with the Azure hypervisor (e.g., Secure Boot for Linux, Linux attestation mechanisms).
  • If the document is intentionally Windows-specific, add a note clarifying the scope and direct Linux users to relevant documentation.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/iaas.md ...-docs/blob/main/articles/security/fundamentals/iaas.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates several forms of Windows bias. Windows terminology, tools, and examples (such as PowerShell cmdlets and references to Windows Update/WSUS) are mentioned more prominently or exclusively, while Linux equivalents are either missing, less detailed, or referenced after Windows. Some sections provide only Windows-specific instructions or tools, and Linux-specific guidance is often less thorough or omitted.
Recommendations
  • Provide Linux command-line examples (e.g., Bash, CLI) alongside or before PowerShell/Windows examples.
  • When referencing tools (e.g., Windows Defender, BitLocker, WSUS), also mention and describe Linux equivalents (e.g., ClamAV, DM-Crypt, unattended-upgrades, etc.) with equal detail.
  • Ensure that all best practices and implementation steps are described for both Windows and Linux VMs, including links to relevant Linux documentation.
  • Avoid using Windows-centric language (such as 'subscription admins and coadmins' or 'WSUS') without clarifying the Linux context or providing Linux alternatives.
  • Balance the order of presentation so that Linux and Windows are treated equally, rather than consistently listing Windows first.
  • Include Linux-specific security tools and update mechanisms in the 'Protect against malware' and 'Manage your VM updates' sections.
  • Add Linux examples for PowerShell cmdlets (e.g., show az CLI or Bash commands for key management and disk encryption).
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/infrastructure-components.md ...les/security/fundamentals/infrastructure-components.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by exclusively referencing Windows technologies (e.g., Windows Firewall, Windows Server) as the basis for Azure's infrastructure and security. There is no mention of Linux-based equivalents, tools, or patterns, nor are Linux operating systems or firewalls referenced. The documentation implies that Azure VMs and host environments are Windows-centric, omitting the fact that Azure also supports Linux VMs and associated management practices.
Recommendations
  • Explicitly mention that Azure supports both Windows and Linux VMs, and describe how the architecture applies to both.
  • Include references to Linux-based security tools (e.g., iptables, firewalld) alongside Windows Firewall when discussing VM security.
  • Clarify whether the 'customized and hardened version of the latest Windows Server' applies only to host VMs, and describe the equivalent for Linux-based hosts or guests.
  • Provide examples or explanations of how service definition files and port configuration work for Linux VMs.
  • Balance the discussion of operating system images by describing the process for Linux images (e.g., how base images are built, secured, and managed for Linux).
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/operational-overview.md ...articles/security/fundamentals/operational-overview.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific tools and logs (such as Windows event system logs) without mentioning Linux equivalents, and by providing examples and support details primarily for Windows environments. There is a lack of Linux-specific operational security examples, and where diagnostic or monitoring tools are discussed, Windows is mentioned explicitly while Linux is omitted.
Recommendations
  • Include Linux-specific examples and references alongside Windows ones, such as mentioning syslog or journald for Linux diagnostic logs.
  • When describing agents or extensions (e.g., Microsoft Monitoring Agent), clarify support and usage for both Windows and Linux VMs.
  • In sections discussing diagnostic logs, explicitly mention Linux log types and how to collect them in Azure.
  • Ensure parity in documentation by providing links to Linux-focused guides or documentation where available.
  • Review and update tool descriptions (e.g., Azure Diagnostics, Azure Monitor) to clarify cross-platform capabilities and provide platform-specific instructions or caveats.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/identity-management-overview.md .../security/fundamentals/identity-management-overview.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a Windows bias by referencing Windows-centric concepts (e.g., Active Directory, domain-joined devices, IIS, SharePoint, Outlook Web App) and tools (e.g., Microsoft Entra Connect, which is primarily a Windows tool) without mentioning Linux equivalents or cross-platform alternatives. Device registration examples and hybrid identity management are described in the context of Windows environments, and there is a lack of Linux-specific guidance or examples throughout.
Recommendations
  • Include examples and guidance for Linux-based environments, such as integrating Azure identity management with Linux servers and applications.
  • Mention and link to documentation on configuring SSO, device registration, and hybrid identity for Linux and non-Windows platforms.
  • When referencing tools like Microsoft Entra Connect, clarify platform support and provide alternatives or guidance for Linux environments.
  • Balance examples by including both Windows and Linux scenarios, especially for device registration, reverse proxy, and hybrid identity.
  • Reference cross-platform web servers (e.g., Apache, NGINX) alongside IIS when discussing reverse proxy and application publishing.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/infrastructure-integrity.md ...cles/security/fundamentals/infrastructure-integrity.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific technologies and patterns (such as Windows Fabric and default Windows administrator accounts) without mentioning Linux equivalents. There are no examples or references to Linux tools, patterns, or administrative practices, and the terminology used (e.g., Windows Fabric, Windows administrator accounts) is Windows-centric. No Linux-specific security, authentication, or monitoring practices are discussed, and the virus scan tool mentioned (Endpoint Protection) is typically associated with Windows environments.
Recommendations
  • Include references to both Windows and Linux environments where applicable, especially in sections discussing OS-level security, authentication, and monitoring.
  • Mention Linux equivalents for technologies like Windows Fabric, or clarify if similar mechanisms exist for Linux-based Azure nodes.
  • Discuss how virus scanning and endpoint protection are handled for Linux-based components, including naming any tools or processes used.
  • When discussing administrator accounts and access, describe how Linux-based VMs are secured (e.g., disabling root, using sudo, SSH key management).
  • Provide examples or explanations for both Windows and Linux where administrative or security procedures differ.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/infrastructure-operations.md ...les/security/fundamentals/infrastructure-operations.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing the 'Azure SQL Database Windows Fabric platform' as the primary operational platform, mentioning Windows-specific tooling and services (such as watchdog scripts and Active Directory Federation Services), and omitting any mention of Linux-based equivalents or cross-platform tooling. There are no examples or references to Linux monitoring agents, authentication mechanisms, or operational practices, which may leave Linux users without clear guidance.
Recommendations
  • Include references to Linux-based monitoring and diagnostic tools supported in Azure environments, such as the OMS Agent for Linux or Azure Monitor Agent.
  • Mention cross-platform alternatives to Windows-specific services (e.g., highlight how Linux VMs are monitored and managed in Azure).
  • Provide examples or descriptions of authentication and access control for Linux-based systems, such as integration with Azure Active Directory or SSH key management.
  • Clarify whether the described processes and tools (e.g., watchdog scripts, monitoring agents) are available or have equivalents on Linux, and provide links to relevant documentation.
  • Balance the mention of Windows and Linux operational practices to ensure parity and inclusivity for all Azure users.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/paas-applications-using-app-services.md ...y/fundamentals/paas-applications-using-app-services.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation page demonstrates a Windows bias by providing a specific example for restricting IP addresses using web.config, which is only applicable to App Service on Windows. There are no equivalent instructions or references for Linux-based App Service environments, and the only platform-specific tool mentioned is Windows-centric (web.config/IIS).
Recommendations
  • Include equivalent instructions for restricting IP addresses on App Service for Linux, such as using .htaccess for Apache or nginx configuration files.
  • When mentioning platform-specific features (like web.config for Windows), also provide Linux alternatives or clearly state if a feature is not available on Linux.
  • Avoid presenting Windows solutions first or exclusively; strive for parity by addressing both Windows and Linux scenarios in parallel.
  • Reference cross-platform tools or Azure-native solutions (such as Azure Front Door or Application Gateway) for IP restriction where possible.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/log-audit.md .../blob/main/articles/security/fundamentals/log-audit.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation shows a moderate Windows bias. Windows tools and logging mechanisms (e.g., Windows Event Log, Azure Diagnostics) are mentioned before or more prominently than Linux equivalents. Linux logging (Syslog) is referenced only in passing, with no detailed examples or integration guidance. There are no Linux-specific examples or instructions, and Windows tools are often the default or only detailed option.
Recommendations
  • Provide equal detail for Linux logging mechanisms (e.g., Syslog, journald) alongside Windows Event Log.
  • Include Linux-specific examples for log collection, integration, and analysis, such as configuring the Azure Monitor agent on Linux VMs.
  • Mention and link to Linux diagnostic tools and extensions (e.g., Azure Monitor Agent for Linux, Log Analytics agent for Linux) with the same prominence as Windows tools.
  • Ensure that tables and descriptions list Linux and Windows options side-by-side, rather than Windows first or exclusively.
  • Add example commands or configuration snippets for both PowerShell (Windows) and Bash (Linux) where applicable.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/management-monitoring-overview.md ...ecurity/fundamentals/management-monitoring-overview.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a moderate Windows bias, particularly in the Antimalware section, where PowerShell is mentioned as the method for installing Symantec Endpoint Protection on existing VMs, with no mention of Linux installation methods or tools. The antimalware solutions referenced (e.g., Microsoft Antimalware, System Center Endpoint Protection) are also primarily Windows-centric, and there are no Linux-specific security tools or workflows described. No Linux command-line examples, package managers, or security agent installation instructions are provided.
Recommendations
  • Include Linux-specific instructions and examples for installing and managing antimalware solutions, such as using apt, yum, or other Linux package managers.
  • Mention and provide guidance for Linux-compatible antimalware agents and security tools supported in Azure.
  • When referencing PowerShell or Windows tools, provide equivalent Bash or shell command examples for Linux environments.
  • Ensure that security workflows and monitoring recommendations cover both Windows and Linux VM scenarios equally.
  • Explicitly state platform support (Windows, Linux) for each security feature or tool discussed.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/threat-detection.md ...ain/articles/security/fundamentals/threat-detection.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a bias toward Windows environments by focusing on PowerShell-based automation (Azure Automation, DSC) and referencing Windows-native tools and patterns (e.g., PowerShell scripts, antimalware event logs, registry entries). There are no Linux-specific examples, tools, or equivalent automation/configuration management solutions mentioned. The documentation assumes familiarity with Windows-centric technologies and omits guidance for Linux users.
Recommendations
  • Include Linux-specific examples for automation and configuration management, such as using Azure Automation with Python runbooks or integrating with Ansible/Chef/Puppet.
  • Mention and provide guidance for using Linux-native security tools (e.g., auditd, fail2ban, ClamAV) in Azure VMs alongside or as alternatives to Microsoft Antimalware.
  • Provide parity in event collection and monitoring examples, such as how to collect and analyze syslog and Linux audit logs in Azure Monitor.
  • Reference Linux equivalents when discussing PowerShell DSC, such as Azure Automation State Configuration for Linux or third-party configuration management tools.
  • Ensure that all sections referencing PowerShell or Windows-specific features also mention whether and how similar functionality is available for Linux environments.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-session-management.md ...ity/develop/threat-modeling-tool-session-management.md
High Priority View Details →
Scanned: 2025-07-12 23:44
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools Powershell Heavy
Summary
The documentation is heavily focused on Windows-centric technologies and patterns, such as ASP.NET, ADFS, web.config, and PowerShell commands. All code/configuration examples are for Windows/.NET environments, with no mention of Linux, cross-platform frameworks, or alternative approaches. Linux equivalents, such as configuration for NGINX/Apache, Java/Python web frameworks, or shell commands, are entirely absent.
Recommendations
  • Provide parallel examples for popular Linux-based web frameworks (e.g., Django, Flask, Express.js, Spring) for session management, CSRF protection, and secure cookie handling.
  • Include configuration examples for Linux web servers (e.g., NGINX, Apache) showing how to enforce secure and HttpOnly cookies.
  • When mentioning PowerShell or Windows-specific tools (e.g., Set-ADFSRelyingPartyTrust), offer equivalent bash or CLI commands for Linux-based identity providers (e.g., Shibboleth, Keycloak, or SAML/OIDC providers).
  • Reference cross-platform libraries for session and security management, such as OAuth2 libraries in Python, Node.js, or Java.
  • Structure sections so that Windows and Linux approaches are presented with equal prominence, or explicitly note when a mitigation is Windows-only.
  • Add a table or matrix mapping each mitigation to both Windows and Linux/cross-platform implementations.
GitHub Create Pull Request
Previous Page 11 of 16 Next