Security

116
Total Pages
38
Linux-Friendly Pages
78
Pages with Bias
67.2%
Bias Rate

Bias Trend Over Time

Pages with Bias Issues

380 issues found
Showing 326-350 of 380 flagged pages
Security Azure encryption overview | Microsoft Docs .../articles/security/fundamentals/encryption-overview.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation page exhibits mild Windows bias, primarily in the 'SMB encryption' section, which references only Windows versions and tools (Windows Server 2012 R2, Windows 8, etc.) for accessing Azure Files shares. No Linux or macOS equivalents (such as SMB clients or mounting instructions) are mentioned. Additionally, Windows tools are referenced before any cross-platform alternatives, and there are no examples or guidance for Linux/macOS users in sections where platform-specific access may differ.
Recommendations
  • Include instructions or references for accessing Azure Files shares with SMB encryption from Linux and macOS clients (e.g., using smbclient, mount.cifs, or other supported tools).
  • Mention cross-platform compatibility and provide links or examples for non-Windows environments wherever Windows tools are referenced.
  • Ensure that examples and tool references are presented in a platform-neutral order or grouped by OS, rather than Windows-first.
  • Add notes or guidance for Linux/macOS users in sections discussing VPN clients, SMB, and other platform-sensitive technologies.
GitHub Create Pull Request
Security Security Recommendations for Azure Marketplace Images | Microsoft Docs ...cles/security/fundamentals/azure-marketplace-images.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation provides separate checklists for Linux and Windows images, but several subtle biases are present. Windows terminology and tools (e.g., BitLocker, HOSTS file, Windows Server roles) are mentioned explicitly, while Linux equivalents (e.g., dm-crypt, /etc/hosts, package managers) are not. In some cases, Windows-specific recommendations (auto-update, BitLocker) are given without Linux analogs. The Linux section contains a confusing reference to 'Windows Server roles' and lacks parity in example commands and tool recommendations. Windows examples and terminology are presented first in some categories.
Recommendations
  • Remove or clarify the reference to 'Windows Server roles' in the Linux checklist.
  • Provide Linux equivalents for Windows-specific recommendations (e.g., suggest using dm-crypt or LUKS for disk encryption, mention auto-update mechanisms like unattended-upgrades or dnf-automatic).
  • Include Linux-specific file references (e.g., /etc/hosts instead of HOSTS file) and clarify removal steps.
  • Ensure that example commands and recommendations are provided for both platforms where applicable.
  • Present Linux and Windows recommendations in parallel structure to avoid implicit prioritization.
GitHub Create Pull Request
Security Cloud feature availability for commercial and US Government customers ...articles/security/fundamentals/feature-availability.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Powershell Heavy 🔧 Windows Tools Windows First
Summary
The documentation page demonstrates a moderate Windows bias, primarily through the exclusive mention of PowerShell for administration tasks (e.g., Azure Attestation, AIP administration), and the absence of Linux/macOS CLI or scripting alternatives. Windows-centric tools and terminology (PowerShell, Office/Outlook, RMS connector) are referenced without Linux parity or examples. While the page is mostly feature availability tables, where platform bias is less relevant, the few actionable sections (administration, automation) assume Windows environments and tools.
Recommendations
  • Add equivalent Linux/macOS CLI examples (e.g., Azure CLI, Bash scripts) alongside PowerShell instructions for administration and automation tasks.
  • Explicitly mention cross-platform support for SDKs and APIs, and provide links to Linux/macOS usage guides where available.
  • When referencing tools like PowerShell, clarify if alternatives (Azure CLI, REST API) exist and provide usage examples.
  • Ensure that configuration and deployment instructions do not assume a Windows-only environment, and highlight any platform-specific limitations.
GitHub Create Pull Request
Security Security best practices for IaaS workloads in Azure | Microsoft Docs ...-docs/blob/main/articles/security/fundamentals/iaas.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
🔧 Windows Tools Powershell Heavy Windows First Missing Linux Example
Summary
The documentation page demonstrates several types of Windows bias. Windows-specific tools (e.g., BitLocker, Windows Defender, WSUS) and PowerShell cmdlets are referenced without equivalent Linux examples or commands. In some sections, Windows solutions are mentioned first or exclusively, and Linux alternatives are either briefly referenced or omitted. For example, disk encryption and backup instructions use PowerShell cmdlets and Windows-centric terminology, while Linux equivalents (such as CLI commands or Linux-native tooling) are not provided. Antimalware recommendations include Windows Defender and System Center Endpoint Protection, but do not mention popular Linux solutions. Diagnostic and monitoring extensions are described for Windows VMs, with limited mention of Linux support. Overall, Linux users may find it difficult to follow or adapt some best practices due to the lack of parity in examples and tooling.
Recommendations
  • Provide Linux-specific examples and commands (e.g., Bash/CLI equivalents for PowerShell cmdlets).
  • List Linux tools and solutions for antimalware (e.g., ClamAV, Sophos, ESET) alongside Windows options.
  • Explicitly mention Linux support for monitoring, diagnostics, and backup solutions, including links to relevant documentation.
  • Ensure that instructions for disk encryption, backup, and update management include Linux-specific steps and references.
  • Present Windows and Linux guidance in parallel, rather than Windows-first or Windows-only.
GitHub Create Pull Request
Security Azure identity & access security best practices | Microsoft Docs ...ity/fundamentals/identity-management-best-practices.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
🔧 Windows Tools Windows First Powershell Heavy Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias. Windows-centric tools (Active Directory, AD FS, Windows Server, Windows Hello for Business, Privileged Access Workstations) are referenced exclusively or before alternatives. Examples and guidance for automation and admin tasks mention PowerShell and Windows-specific features, with little or no mention of Linux/macOS equivalents. There is a lack of explicit Linux/macOS guidance for admin workstations, password protection agents, and automation scenarios, which may create friction for non-Windows users.
Recommendations
  • Include Linux/macOS equivalents for admin workstation security (e.g., guidance for securing Linux/macOS admin endpoints).
  • Provide examples for Azure CLI and automation on Linux/macOS, not just PowerShell/Windows.
  • Mention cross-platform authentication options (e.g., FIDO2, passkeys) in a way that highlights their availability on non-Windows systems.
  • Offer parity in documentation for password protection agents and self-service password reset features for non-Windows environments.
  • Clarify which features/tools are Windows-only and suggest alternatives or workarounds for Linux/macOS users.
GitHub Create Pull Request
Security Azure information system components and boundaries ...les/security/fundamentals/infrastructure-components.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation page demonstrates a Windows bias by exclusively referencing Windows technologies (e.g., Windows Firewall, Windows Server) in its descriptions of Azure VM architecture and management. There are no mentions of Linux equivalents, nor are examples provided for Linux-based scenarios. The documentation implies that Azure VMs run Windows Server by default, without acknowledging the prevalence or support of Linux-based VMs in Azure. This could mislead users into believing that Azure is primarily or exclusively a Windows environment.
Recommendations
  • Explicitly mention that Azure supports both Windows and Linux VMs, and describe how Linux VMs are managed and secured.
  • Include references to Linux-based firewalls (e.g., iptables, firewalld) and how port/addressability is configured for Linux VMs.
  • Provide examples or explanations for both Windows and Linux VM images, including their hardening and management processes.
  • Clarify whether the described processes (e.g., hypervisor, firewall configuration) apply to Linux VMs, and if there are differences, document them.
  • Avoid language that implies Windows is the default or only supported OS in Azure, unless contextually accurate.
GitHub Create Pull Request
Security Isolation in the Azure Public Cloud | Microsoft Docs ...in/articles/security/fundamentals/isolation-choices.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Powershell Heavy
Summary
The documentation page demonstrates a moderate Windows bias. Windows-specific technologies (such as Windows Firewall, BitLocker, Active Directory Federation Services, and Group Policy) are mentioned exclusively or before Linux equivalents. Windows terminology and tools are referenced more frequently and prominently than Linux alternatives. While Linux support is acknowledged in some areas (e.g., disk encryption), Windows patterns and tools are generally described first or in greater detail, and some examples (such as firewalling and privileged access) are Windows-centric.
Recommendations
  • Provide Linux-specific examples and terminology alongside Windows ones, especially for security controls (e.g., mention iptables/nftables alongside Windows Firewall).
  • When discussing privileged access and identity management, include references to Linux-native approaches and tools (e.g., sudo, SELinux, Linux PAM modules).
  • For disk encryption, ensure parity in detail and links for both BitLocker (Windows) and dm-crypt/LUKS (Linux).
  • Mention Linux equivalents for Group Policy (e.g., Ansible, Puppet, Chef, or native Linux configuration management tools) when discussing VM administration.
  • Avoid presenting Windows tools and patterns first; alternate or present both platforms equally.
  • Include command-line examples for both PowerShell (Windows) and Bash (Linux) where relevant.
GitHub Create Pull Request
Security Azure infrastructure integrity ...cles/security/fundamentals/infrastructure-integrity.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific technologies (Windows Fabric, Windows administrator accounts, Endpoint Protection anti-virus), and omitting equivalent Linux/macOS examples or terminology. There are no examples or mentions of Linux-based infrastructure, tools, or administrative patterns, and Windows terminology is used exclusively when describing platform management and security controls.
Recommendations
  • Include references to Linux-based Azure infrastructure components and describe how integrity and security are managed for Linux VMs.
  • Mention anti-virus and monitoring solutions applicable to Linux guest OS builds (e.g., Microsoft Defender for Endpoint on Linux, or other supported tools).
  • Clarify whether similar account restrictions and administrative controls apply to Linux-based nodes and VMs, and provide examples.
  • Use more platform-neutral language when discussing infrastructure (e.g., 'platform management endpoint' instead of 'Windows Fabric platform-management endpoint').
  • Add explicit statements or sections about Linux/macOS support and parity in Azure infrastructure integrity processes.
GitHub Create Pull Request
Security Azure security logging and auditing | Microsoft Docs .../blob/main/articles/security/fundamentals/log-audit.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a moderate Windows bias. Windows tools and terminology (e.g., Windows Event Log, Windows event system) are mentioned first or exclusively in several sections, with Linux equivalents (e.g., Syslog) referenced only briefly or as secondary. Examples and integration details focus more on Windows (such as Azure Diagnostics for Windows) and do not provide parity in Linux-specific instructions or examples. There are no explicit Linux command-line or tool examples, and the documentation assumes familiarity with Windows logging patterns.
Recommendations
  • Provide Linux-specific examples and instructions for collecting and integrating logs (e.g., using Syslog, auditd, or journald).
  • Ensure that Linux tools and patterns are mentioned with equal prominence and detail as Windows equivalents.
  • Add sample configurations for popular Linux distributions and logging agents.
  • Include cross-platform guidance for integrating logs with SIEM systems, highlighting any differences or considerations for Linux.
  • Reorder sections or tables to present Windows and Linux options side-by-side, rather than Windows-first.
GitHub Create Pull Request
Security Azure Operational Security | Microsoft Docs ...articles/security/fundamentals/operational-security.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation demonstrates a moderate Windows bias. Windows terminology (e.g., 'Windows Azure', 'Windows Server') is used frequently, and Windows-specific tools and logs (such as Windows event logs, IIS logs) are mentioned more prominently than their Linux equivalents. While Linux is acknowledged as a supported platform, concrete Linux examples, tools, or log types are rarely detailed. In several sections, only Windows or Microsoft-centric technologies are described, and Linux is often mentioned as an afterthought or not at all.
Recommendations
  • Provide parallel Linux examples and terminology wherever Windows-specific tools or logs are mentioned (e.g., reference syslog, journald, or Linux audit logs alongside Windows event logs).
  • Avoid using 'Windows Azure' unless specifically referring to legacy branding; use 'Microsoft Azure' or 'Azure' for platform-neutral language.
  • When discussing agents, backup, or monitoring, explicitly describe Linux support and provide links or examples for Linux setup and troubleshooting.
  • In tables and feature lists, ensure Linux is represented equally to Windows, including references to Linux distributions and supported workloads.
  • Where PowerShell or Windows tools are referenced, also mention Azure CLI, Bash, or other cross-platform tools.
GitHub Create Pull Request
Security Best practices for secure PaaS deployments - Microsoft Azure ...ain/articles/security/fundamentals/paas-deployments.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Powershell Heavy Windows First
Summary
The documentation demonstrates a moderate Windows bias, primarily through references to Windows-centric tools and interfaces (e.g., PowerShell, Microsoft Defender for Cloud, and Microsoft Entra ID), and by mentioning Windows/PowerShell access patterns before Linux equivalents. There are no explicit Linux/macOS examples or instructions, and platform-agnostic alternatives are not highlighted. While most recommendations are Azure-specific and theoretically cross-platform, the lack of Linux/macOS context or parity in examples may create friction for non-Windows users.
Recommendations
  • Include explicit Linux/macOS command-line examples (e.g., Azure CLI, Bash) alongside or before PowerShell examples.
  • Clarify that Azure services and security tools are accessible from Linux/macOS environments, and provide instructions for those platforms.
  • Mention platform-agnostic tools (e.g., Azure CLI, REST API) as primary interfaces, with PowerShell as an alternative.
  • Add notes or links to documentation for Linux/macOS users where relevant (e.g., authentication, monitoring, penetration testing).
  • Avoid language that implies Windows/PowerShell is the default or only supported environment.
GitHub Create Pull Request
Security Best practices for protecting secrets ...ticles/security/fundamentals/secrets-best-practices.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation page demonstrates a moderate Windows bias. It references Windows-centric tools and patterns (e.g., Azure PowerShell, SQL Server on Azure VMs for Windows), and service-specific best practices often default to Windows or PowerShell examples, with Linux equivalents rarely mentioned or omitted. Linux and macOS users may find it harder to locate relevant guidance or examples, especially for automation and integration tasks.
Recommendations
  • Include Linux/macOS-specific examples and CLI commands alongside PowerShell/Windows instructions.
  • Ensure parity in service-specific guides by linking to both Windows and Linux documentation when available.
  • Add explicit references to cross-platform tools (e.g., Azure CLI, Bash scripts) and highlight their usage.
  • Reorder examples so that cross-platform or Linux instructions are presented before or alongside Windows/PowerShell examples.
  • Audit linked service-specific documentation for similar bias and update accordingly.
GitHub Create Pull Request
Security Introduction to Azure security | Microsoft Docs ...s/blob/main/articles/security/fundamentals/overview.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias. Windows terminology, features, and tools (such as PowerShell, IIS, and Windows-specific features in Microsoft Entra ID) are referenced more frequently and often appear before Linux equivalents. Some examples and integration steps (e.g., SQL VM TDE) mention PowerShell cmdlets or Windows-centric workflows without parallel Linux instructions. While Linux is acknowledged (e.g., support for Linux VMs, containers, and disk encryption), examples, tooling, and feature descriptions tend to prioritize Windows, sometimes omitting explicit Linux guidance.
Recommendations
  • Provide Linux-specific examples and command-line instructions (e.g., Bash, CLI) alongside PowerShell/Windows examples.
  • Ensure parity in feature descriptions, explicitly stating how features apply to Linux (not just mentioning support).
  • When referencing tools (e.g., IIS, PowerShell), include Linux alternatives (e.g., Apache, Nginx, Bash scripts) and clarify cross-platform applicability.
  • Add explicit Linux integration steps for features like SQL VM TDE, disk encryption, and diagnostics.
  • Review identity and device management sections to clarify which features are Windows-only and suggest Linux/macOS equivalents or workarounds.
GitHub Create Pull Request
Security Best practices for Azure Service Fabric security ...security/fundamentals/service-fabric-best-practices.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Powershell Heavy Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a notable Windows bias. It repeatedly references Windows-specific tools (PowerShell module, Windows Server certificate service, MakeCert.exe), and Windows security mechanisms. Examples and instructions for cluster creation, certificate management, and automation are focused on Windows and PowerShell, with no Linux or cross-platform command-line examples. Windows terminology and tools are mentioned first or exclusively, and there is little to no guidance for Linux/macOS users on how to perform equivalent tasks.
Recommendations
  • Provide equivalent Linux/macOS examples for cluster creation, management, and automation (e.g., using Azure CLI, Bash scripts, or cross-platform tools).
  • Mention and demonstrate Linux-compatible certificate creation and management tools (e.g., OpenSSL) alongside Windows Server certificate service and MakeCert.exe.
  • Clarify which features and instructions apply to Linux-based Service Fabric clusters, and offer links to Linux-specific documentation where available.
  • Avoid using Windows terminology (e.g., 'Remote Desktop Connection', 'Active Directory') without noting Linux alternatives (e.g., SSH, LDAP).
  • Ensure that cross-platform APIs (REST, ARM templates) are highlighted as primary automation mechanisms, with PowerShell as an option rather than the default.
GitHub Create Pull Request
Security Secure your Microsoft Entra identity infrastructure ...rticles/security/fundamentals/steps-secure-identity.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias, primarily through frequent references to Windows-centric tools and technologies (e.g., AD FS, Windows Server Active Directory, password protection for Windows Server, Windows Hello for Business) and a lack of Linux/macOS-specific examples or guidance. Windows tools and patterns are mentioned exclusively or before any cross-platform alternatives, and there are no explicit instructions or examples for Linux or macOS environments, especially for hybrid identity scenarios and passwordless authentication.
Recommendations
  • Include examples and guidance for Linux and macOS environments, especially for hybrid identity setups and passwordless authentication.
  • Mention cross-platform alternatives to Windows-specific tools (e.g., highlight FIDO2 keys for passwordless authentication on Linux/macOS, or provide links to relevant documentation).
  • Clarify which features are available or relevant for non-Windows environments, and explicitly state any platform limitations.
  • Provide parity in step-by-step instructions, ensuring that Linux/macOS administrators can follow along without needing Windows infrastructure.
  • Add references to open standards and protocols (such as SAML, OAuth, FIDO2) that are supported across platforms.
GitHub Create Pull Request
Security Prevent subdomain takeovers with Azure DNS alias records and Azure App Service's custom domain verification ...n/articles/security/fundamentals/subdomain-takeover.md
Medium Priority View Details →
Scanned: 2026-01-13 00:00
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Powershell Heavy Windows First Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by exclusively referencing PowerShell scripts and tools (e.g., Get-DanglingDnsRecords.ps1), and by providing instructions and links that assume the use of PowerShell. There are no examples or guidance for Linux/macOS users, such as Bash, Azure CLI, or cross-platform alternatives. The page also lists PowerShell-based workflows first and does not mention Linux-native tools or patterns for DNS management or Azure Resource Graph queries.
Recommendations
  • Provide equivalent examples and instructions using Azure CLI and Bash scripts, which are cross-platform and commonly used on Linux/macOS.
  • Explicitly state that the PowerShell scripts can be run on PowerShell Core, which is available on Linux/macOS, and provide installation guidance if needed.
  • Include sample workflows or commands for DNS management and Azure Resource Graph queries using Azure CLI.
  • Add notes or sections highlighting Linux/macOS compatibility and any prerequisites for running scripts on those platforms.
  • Where possible, link to cross-platform tools or community solutions that do not require PowerShell.
GitHub Create Pull Request
Security Platform code integrity - Azure Security .../main/articles/security/fundamentals/code-integrity.md
Medium Priority View Details →
Scanned: 2026-01-11 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
Windows First Missing Linux Example
Summary
The documentation page demonstrates a Windows-first bias by introducing and explaining code integrity primarily in the context of Windows Server 2016, with only a brief mention of the Linux equivalent (DM-Verity) and no further details or examples for Linux. All technical explanations, deployment processes, and operational details are described using Windows terminology and tools, with no Linux-specific guidance, examples, or parity in coverage.
Recommendations
  • Expand the section on Linux code integrity mechanisms (e.g., DM-Verity, IMA) to provide comparable detail to the Windows coverage.
  • Include Linux-specific examples and workflows for code integrity policy creation, enforcement, and auditing.
  • Describe how the build and deployment process enforces code integrity on Linux systems in Azure, including signing, validation, and incident response.
  • Add links to Linux documentation and resources for code integrity, similar to those provided for Windows.
  • Ensure that both Windows and Linux approaches are presented in parallel throughout the documentation, rather than focusing primarily on Windows.
GitHub Create Pull Request
Security Protection of customer data in Azure ...cles/security/fundamentals/protection-customer-data.md
Medium Priority View Details →
Scanned: 2026-01-11 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
🔧 Windows Tools Windows First
Summary
The documentation page exhibits mild Windows bias. It references Windows-specific technologies (Active Directory, Windows IPsec, SMB) and lists them before or without mentioning Linux equivalents. There are no Linux-specific examples, tools, or terminology (such as LDAP, Linux IPsec, NFS, or Linux authentication mechanisms). The encryption and networking sections mention Windows protocols and tools, but do not provide parity for Linux users.
Recommendations
  • Include Linux equivalents when referencing Windows tools (e.g., mention Linux IPsec, NFS, or LDAP alongside Windows IPsec, SMB, and Active Directory).
  • Provide examples or references for Linux-based authentication and encryption mechanisms in Azure environments.
  • Ensure protocol and tool lists are platform-neutral or explicitly state cross-platform support.
  • Add guidance or links for Linux users on configuring security, encryption, and networking in Azure.
GitHub Create Pull Request
Security Azure threat protection | Microsoft Docs ...ain/articles/security/fundamentals/threat-detection.md
Medium Priority View Details →
Scanned: 2026-01-11 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
Windows First Missing Linux Example
Summary
The documentation page describes Azure threat protection services in a platform-neutral way, mentioning support for both Windows and Linux in some places (e.g., Defender for Servers). However, there is a subtle Windows bias: Windows is mentioned first when listing supported operating systems, and there are no explicit Linux-specific examples, tools, or guidance. No PowerShell or Windows-only tooling is referenced, but the absence of Linux command-line or integration examples (such as bash, systemd, or Linux security tools) means Linux users may not see their workflows represented.
Recommendations
  • When listing supported platforms, alternate the order or explicitly state parity (e.g., 'Windows and Linux' vs. 'Linux and Windows').
  • Add Linux-specific examples, such as how to enable or configure Defender for Cloud features on Linux VMs (e.g., using bash scripts, cloud-init, or Linux agents).
  • Include references to Linux security tools or integration patterns (e.g., auditd, SELinux, iptables) where relevant.
  • Provide sample workflows or remediation steps for both Windows and Linux environments.
  • Ensure that documentation links and next steps include Linux-focused guides or troubleshooting resources.
GitHub Create Pull Request
Security Trusted Hardware Identity Management ...y/fundamentals/trusted-hardware-identity-management.md
Medium Priority View Details →
Scanned: 2026-01-11 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
Windows First Powershell Heavy
Summary
The documentation generally provides parity between Windows and Linux, especially in the section on configuring Intel QPL, where both platforms are given step-by-step instructions. However, in the 'How do I use Intel QPL with Trusted Hardware Identity Management?' section, the Windows procedure is presented first and includes PowerShell-specific commands, which may indicate a subtle 'windows_first' and 'powershell_heavy' bias. The rest of the documentation, including download links and usage examples, is either Linux-first or platform-neutral, with many examples using bash or Linux tools.
Recommendations
  • Alternate the order of Windows and Linux instructions in procedural sections, or present them in parallel to avoid the perception of platform preference.
  • Where possible, provide cross-platform command examples (e.g., using both PowerShell and Bash) or clarify that the order does not imply priority.
  • Ensure that Linux and Windows instructions are equally detailed and visible, especially in sections involving configuration or service management.
  • Consider adding a note at the beginning of procedural sections stating that both platforms are supported equally.
GitHub Create Pull Request
Security Platform code integrity - Azure Security .../main/articles/security/fundamentals/code-integrity.md
Medium Priority View Details →
Scanned: 2026-01-10 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
Windows First Missing Linux Example
Summary
The documentation page primarily describes code integrity as a Windows feature, mentioning Windows Server 2016 and its kernel-level enforcement. While DM-Verity is briefly referenced as a Linux equivalent, the explanation, examples, and process details are focused on Windows. No Linux-specific implementation details, usage patterns, or examples are provided, resulting in a Windows-first perspective and missing Linux parity.
Recommendations
  • Include detailed descriptions of how code integrity is enforced on Linux systems, such as DM-Verity, IMA (Integrity Measurement Architecture), or other relevant technologies.
  • Provide Linux-specific examples and workflows, such as configuring DM-Verity or IMA, and how they integrate with Azure's build and deployment processes.
  • Mention Linux tools and commands alongside Windows tools when discussing code signing, validation, and enforcement.
  • Ensure that both Windows and Linux approaches are presented with equal depth and clarity, ideally in parallel sections.
  • Add references to Linux documentation and resources for further reading.
GitHub Create Pull Request
Security Protection of customer data in Azure ...cles/security/fundamentals/protection-customer-data.md
Medium Priority View Details →
Scanned: 2026-01-10 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
🔧 Windows Tools Windows First
Summary
The documentation page demonstrates a mild Windows bias. Windows-specific tools and protocols (such as Windows IPsec and SMB) are mentioned explicitly in the 'In-transit data protection' section, while Linux equivalents are not referenced. Additionally, Microsoft corporate Active Directory is described as the access control system, which is a Windows-centric technology, with no mention of cross-platform or Linux-compatible alternatives. The examples and terminology tend to reference Windows technologies first or exclusively, with no Linux-specific guidance or parity.
Recommendations
  • Include references to Linux-compatible protocols and tools for in-transit data protection, such as Linux IPsec, OpenVPN, or NFS.
  • Mention cross-platform identity and access management solutions (e.g., Azure Active Directory integration with Linux systems, or SSSD/LDAP/Kerberos).
  • Provide examples or guidance for both Windows and Linux environments when discussing encryption, access control, and data export.
  • Avoid listing Windows tools (e.g., SMB, Windows IPsec) without also mentioning their Linux counterparts.
  • Add explicit statements or links to documentation for Linux users to ensure parity and inclusivity.
GitHub Create Pull Request
Security Azure threat protection | Microsoft Docs ...ain/articles/security/fundamentals/threat-detection.md
Medium Priority View Details →
Scanned: 2026-01-10 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
Windows First Missing Linux Example
Summary
The documentation page describes Azure threat protection services in a platform-neutral way, but there are subtle signs of Windows bias. For example, 'Microsoft Defender for Servers' explicitly mentions protection for both Windows and Linux machines, but the rest of the page does not provide platform-specific examples, commands, or tooling. There are no Linux-specific instructions, CLI examples, or references to Linux-native security tools, while Microsoft Antimalware is a Windows-centric solution and is presented without Linux alternatives. The documentation does not mention Linux security patterns or tools, nor does it provide parity in examples or guidance for Linux users.
Recommendations
  • Add explicit Linux-focused examples and instructions for configuring and using Defender for Cloud and other services on Linux VMs.
  • Include references to Linux-native security tools (e.g., auditd, SELinux, AppArmor) and how they integrate with Azure threat protection.
  • Provide CLI and scripting examples using Bash and Azure CLI, not just PowerShell or Windows-centric tools.
  • Clarify which services and features are available or behave differently on Linux versus Windows, and link to platform-specific documentation where appropriate.
  • Mention Linux antimalware solutions (e.g., Microsoft Defender for Endpoint on Linux, ClamAV) and how they can be used in Azure environments.
GitHub Create Pull Request
Security Trusted Hardware Identity Management ...y/fundamentals/trusted-hardware-identity-management.md
Medium Priority View Details →
Scanned: 2026-01-10 00:00
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
Windows First Powershell Heavy
Summary
The documentation generally maintains good cross-platform coverage, but there is a subtle Windows bias in the ordering and detail of some instructions. In the section on modifying the Intel QPL configuration, Windows instructions (including PowerShell/registry steps) are presented before Linux equivalents, and the Windows steps are more verbose. However, Linux examples are present and functional, and the rest of the documentation (especially for AMD and Kubernetes) is Linux-centric or neutral.
Recommendations
  • Alternate the order of platform-specific instructions (e.g., present Linux steps first or side-by-side with Windows).
  • Ensure parity in detail and clarity between Windows and Linux instructions (e.g., provide equal explanation for file permissions or service management on both platforms).
  • Where possible, use platform-neutral language and examples, or provide both Windows and Linux code snippets in parallel.
  • Review other sections for subtle prioritization of Windows tools or patterns, and balance with Linux-native equivalents.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/code-integrity.md .../main/articles/security/fundamentals/code-integrity.md
Medium Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 2 bias types
Detected Bias Types
Windows First Missing Linux Example
Summary
The documentation page primarily discusses code integrity in the context of Windows, specifically referencing Windows Server 2016 and its kernel-level Code Integrity service. While DM-Verity is briefly mentioned as a Linux equivalent, there are no Linux-specific examples, details, or operational guidance provided. The build and deployment processes described are Windows-centric, with no mention of how similar integrity enforcement is managed on Linux platforms.
Recommendations
  • Provide equivalent Linux examples and operational details, such as how DM-Verity or IMA (Integrity Measurement Architecture) can be configured and used in Azure environments.
  • Include Linux-specific terminology, tools, and workflows alongside Windows examples to ensure parity.
  • Describe the build, signing, and validation process for Linux binaries, including how code integrity policies are enforced and audited.
  • Offer guidance for incident response and staged deployment in Linux environments, mirroring the Windows-focused sections.
  • Ensure that references to code integrity features and processes are presented in a cross-platform manner, not exclusively or primarily from a Windows perspective.
GitHub Create Pull Request
Previous Page 14 of 16 Next