Security

116
Total Pages
38
Linux-Friendly Pages
78
Pages with Bias
67.2%
Bias Rate

Bias Trend Over Time

Pages with Bias Issues

380 issues found
Showing 201-225 of 380 flagged pages
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-releases-73308291.md ...rity/develop/threat-modeling-tool-releases-73308291.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation exclusively references Windows environments, including installation patterns (ClickOnce), error paths, and system requirements. Only Windows is mentioned as a supported OS, and all troubleshooting and usage instructions assume a Windows context. There are no Linux or cross-platform examples, nor any mention of Linux support or alternatives.
Recommendations
  • Explicitly state if the tool is Windows-only, or provide information about Linux/macOS support if available.
  • If Linux is not supported, suggest possible workarounds (e.g., using Wine or virtualization) or alternative tools for Linux users.
  • Include a section addressing cross-platform compatibility and clarify installation and usage instructions for non-Windows environments if applicable.
  • If future versions may support Linux, mention this in the documentation to inform users.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/virtual-machines-overview.md ...les/security/fundamentals/virtual-machines-overview.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias. Windows tools and technologies (such as Microsoft Antimalware, BitLocker, and Microsoft Defender for Endpoint) are mentioned first or exclusively in several sections. While Linux is acknowledged as supported, Linux-specific examples, tools, or guidance are often missing or less detailed. For instance, antimalware and endpoint protection sections focus almost entirely on Microsoft/Windows solutions, and links to Linux-specific security solutions are absent. In the disk encryption section, BitLocker (Windows) is mentioned before dm-crypt (Linux), and the majority of linked resources and examples are Windows-centric.
Recommendations
  • Provide Linux-specific examples and guidance alongside Windows examples, especially in antimalware and endpoint protection sections.
  • List Linux and Windows tools in parallel, rather than mentioning Windows tools first or exclusively.
  • Include links to popular Linux antimalware and endpoint protection solutions available in the Azure Marketplace.
  • Ensure that all security features (e.g., Microsoft Defender for Endpoint) clarify Linux support and provide relevant Linux documentation links.
  • Where possible, add Linux command-line or configuration examples (e.g., for deploying antimalware, configuring disk encryption, or using backup tools).
  • Balance the order of presentation so that Linux and Windows are treated equally throughout the documentation.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-exception-management.md ...y/develop/threat-modeling-tool-exception-management.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation is heavily oriented towards Windows technologies and tools, such as WCF, ASP.NET, IIS, and Windows-specific configuration files (web.config, machine.config). All code and configuration examples are for .NET/ASP.NET and Windows server environments, with no mention of Linux, cross-platform .NET Core, or alternative web servers (e.g., Apache, Nginx). Linux equivalents, if any, are not discussed or referenced.
Recommendations
  • Add examples and mitigation steps for cross-platform .NET (e.g., ASP.NET Core) running on Linux, including configuration differences.
  • Include guidance for deploying and configuring exception management on Linux-based web servers (e.g., Apache, Nginx, Kestrel) alongside IIS.
  • Reference Linux file paths, permissions, and deployment practices where relevant.
  • Mention and provide examples for non-Windows environments, such as containerized deployments (Docker), and cloud-native Linux scenarios.
  • Clarify which recommendations are Windows-specific and which are applicable to cross-platform or Linux environments.
  • Provide parity in code/configuration samples for both Windows and Linux hosting scenarios.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-authorization.md ...security/develop/threat-modeling-tool-authorization.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Powershell Heavy Missing Linux Example
Summary
The documentation demonstrates a Windows bias primarily through the use of Windows-centric technologies (e.g., WCF, ASP.NET, UseWindowsGroups), configuration examples referencing Windows roles and groups, and a lack of Linux/Unix-specific examples or tools. While some recommendations are generic, the only concrete implementation details and code samples are for Windows/.NET environments, with no equivalent Linux or cross-platform examples provided.
Recommendations
  • Provide equivalent Linux/Unix examples for access control (e.g., using chmod, chown, setfacl for ACLs, and Linux user/group management).
  • Include cross-platform or Linux-specific code/configuration samples alongside Windows/.NET examples, especially for authorization and role management.
  • Mention Linux/Unix tools and patterns (e.g., sudoers, PAM, systemd service permissions) where relevant, not just Windows tools like UseWindowsGroups.
  • For sections referencing user-profile directories, clarify the Linux equivalent (e.g., /home/username) and provide examples for both platforms.
  • When discussing web application and database security, include references to open-source stacks (e.g., Node.js, Django, PostgreSQL) and their authorization mechanisms.
  • Balance the order of presentation so that Linux/Unix approaches are mentioned alongside or before Windows-specific ones, where applicable.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/antimalware-code-samples.md ...cles/security/fundamentals/antimalware-code-samples.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Powershell Heavy 🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation exclusively provides PowerShell code samples and references to Windows-centric tools and file paths (e.g., C:\ paths, .exe processes). There are no examples or guidance for Linux VMs or cross-platform alternatives, and all extension configuration is shown using Windows/PowerShell paradigms. Linux support or parity is not mentioned, and the documentation implicitly assumes a Windows environment.
Recommendations
  • Add equivalent examples for deploying and configuring antimalware on Linux VMs, using Azure CLI, ARM templates, or REST API.
  • Clarify whether Microsoft Antimalware is available for Linux VMs, and if not, explicitly state this limitation.
  • If Linux support exists, provide sample configuration files and command-line instructions relevant to Linux environments.
  • Avoid using only Windows file paths and process names in configuration samples; include Linux-style paths and process examples where applicable.
  • Present cross-platform tools (e.g., Azure CLI) before or alongside PowerShell, to ensure parity and inclusivity.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/data-encryption-best-practices.md ...ecurity/fundamentals/data-encryption-best-practices.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias. Windows terminology, tools, and concepts (e.g., BitLocker, privileged access workstation, contributor roles) are mentioned first or exclusively in several sections. While Linux is referenced (e.g., Azure Disk Encryption for Linux VMs), examples and tool explanations are often Windows-centric or lack Linux parity. There are no Linux-specific command-line or management examples, and secure workstation recommendations are based on Microsoft/Windows models without Linux alternatives.
Recommendations
  • Provide Linux-specific examples and command-line instructions (e.g., using Azure CLI/Bash instead of only referencing Windows/PowerShell or BitLocker).
  • When discussing secure workstations, include guidance or references for securing Linux-based admin workstations, not just Microsoft PAW.
  • Present Linux and Windows options together, or alternate which is mentioned first, to avoid the perception of Windows as the default.
  • Where Windows tools (e.g., BitLocker, privileged access workstation) are mentioned, add equivalent Linux tools (e.g., dm-crypt, LUKS, Linux hardening guides) and link to relevant documentation.
  • Include Linux-focused security best practices and reference open-source security tools where appropriate.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/database-security-checklist.md ...s/security/fundamentals/database-security-checklist.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific protocols (TDS), linking to Windows Server documentation for TLS, and omitting Linux or cross-platform tooling and examples. There are no mentions of Linux-based client tools, nor are there instructions or references for managing Azure SQL security from non-Windows environments.
Recommendations
  • Include examples and links for configuring secure connections from Linux-based clients (e.g., using sqlcmd, Azure CLI, or ODBC on Linux).
  • Reference cross-platform tools and protocols, not just Windows-specific ones (e.g., mention that TDS is supported by various clients on different OSes).
  • Provide parity in documentation links, such as linking to TLS documentation relevant for Linux and macOS users.
  • Explicitly mention that management and security features are accessible from non-Windows environments, and provide guidance or examples for those scenarios.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/encryption-overview.md .../articles/security/fundamentals/encryption-overview.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a Windows bias in several areas: Windows tools and terminology are often mentioned first or exclusively (e.g., SMB 3.0, RDP, PowerShell), and Windows-specific libraries (e.g., .NET NuGet package for client-side encryption) are highlighted before or instead of Linux or cross-platform alternatives. PowerShell is given as a primary automation/configuration method, with less emphasis or detail on Linux CLI or scripting. Some sections lack Linux-specific examples or parity in instructions, especially for storage and VPN configuration.
Recommendations
  • Provide Linux and cross-platform examples alongside Windows/PowerShell instructions, especially for configuration tasks (e.g., VPN, storage encryption).
  • Mention Linux tools and protocols (e.g., Samba for SMB, OpenSSH, Linux CLI) with equal prominence and detail.
  • Include references to Linux SDKs and libraries (e.g., Azure Storage SDK for Python, Java, or Node.js) for client-side encryption, not just .NET/Windows libraries.
  • When listing protocols or tools (e.g., SMB, RDP, PowerShell), clarify Linux equivalents and provide links to relevant documentation.
  • Ensure that automation and scripting examples are provided for both PowerShell and Bash/Azure CLI, and that Linux configuration steps are as detailed as Windows ones.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/identity-management-best-practices.md ...ity/fundamentals/identity-management-best-practices.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a Windows bias by referencing Windows-specific tools (such as Windows Server Active Directory, Privileged Access Workstations, and Windows Hello for Business) and patterns (like Microsoft Entra Connect for on-premises integration) without mentioning or providing Linux or cross-platform equivalents. There are no examples or guidance for Linux-based identity management, admin workstations, or password protection, and Windows terminology is used exclusively when discussing on-premises scenarios.
Recommendations
  • Include examples and guidance for integrating Linux-based identity providers (such as OpenLDAP or FreeIPA) with Azure/Microsoft Entra ID.
  • Mention and provide parity for Linux admin workstation security models, such as using hardened Linux desktops for privileged access, alongside Windows PAWs.
  • Discuss password protection and synchronization for Linux-based systems, or reference third-party tools that can provide similar functionality.
  • When referencing tools like Microsoft Entra Connect, clarify if and how Linux environments can participate or what alternatives exist.
  • Avoid using Windows-specific terminology exclusively; provide cross-platform terminology and examples where possible.
  • Add explicit notes or links for Linux administrators on how to achieve similar security postures using non-Windows infrastructure.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/hypervisor.md ...blob/main/articles/security/fundamentals/hypervisor.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by exclusively referencing Windows Hyper-V as the hypervisor technology, without mentioning or providing examples for Linux-based hypervisors or management tools. The terminology and security mechanisms described are specific to Windows environments, and there are no Linux or cross-platform perspectives or examples provided.
Recommendations
  • Include references to Linux-based hypervisors (such as KVM or Xen) where relevant, and clarify how Azure supports or interacts with Linux guests and their security models.
  • Provide examples or explanations of how hypervisor security concepts apply to Linux VMs on Azure, including any differences in implementation or management.
  • Mention Linux-specific tools or commands (e.g., virsh, qemu, or Linux security modules) where appropriate, or at least acknowledge their existence and role in the Azure ecosystem.
  • Balance the discussion by explicitly stating Azure's support for both Windows and Linux guests, and how security boundaries and mitigations are enforced for both.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-input-validation.md ...urity/develop/threat-modeling-tool-input-validation.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example Powershell Heavy
Summary
The documentation demonstrates a strong Windows and .NET bias. All code examples are in C# and target .NET/ASP.NET technologies, with configuration examples referencing IIS and web.config. References and steps often mention Windows-specific technologies (MSXML, http.sys, IIS, Win32 APIs) and Microsoft-centric frameworks (WCF, MVC, Web Forms). There are no Linux, cross-platform, or open-source web server examples (e.g., Apache, Nginx), nor are there any code samples in languages common on Linux (e.g., Python, Java, Node.js). Even generic security concepts are illustrated exclusively with Microsoft tooling and patterns.
Recommendations
  • Provide equivalent examples for Linux-based environments, such as configuring headers in Apache (using .htaccess) or Nginx.
  • Include code samples in other popular web languages (Python/Flask, Node.js/Express, Java/Spring) to demonstrate input validation and security controls.
  • Reference cross-platform XML libraries and demonstrate disabling entity resolution in Java (SAX/DOM), Python (lxml), and Node.js.
  • When discussing HTTP headers, show how to set them in non-IIS environments (e.g., with Nginx, Apache, or via application code in various languages).
  • Avoid assuming .NET or Windows as the default; structure sections to present cross-platform or language-agnostic guidance first, then provide platform-specific details.
  • Mention open-source alternatives to Microsoft-specific libraries (e.g., OWASP Java Encoder, Python's html.escape for output encoding).
  • Balance references and links to include non-Microsoft documentation and best practices from the broader security community.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/infrastructure-integrity.md ...cles/security/fundamentals/infrastructure-integrity.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows-centric bias by referencing Windows-specific technologies (such as Windows Fabric and Windows administrator accounts) and omitting equivalent Linux tools or scenarios. There are no examples or mentions of Linux-based environments, tools, or patterns, and Windows terminology is used exclusively when discussing platform management and security controls.
Recommendations
  • Include references to both Windows and Linux environments where applicable, especially in sections discussing OS images, administrator accounts, and platform management endpoints.
  • Mention Linux equivalents for technologies like Windows Fabric or clarify if such features are Windows-only.
  • Describe how virus scans and endpoint protection are handled for Linux-based components or guest VMs.
  • Provide examples or notes on how ACLs, firewalls, and monitoring agents operate in Linux-based clusters.
  • Avoid using Windows terminology exclusively; use neutral or cross-platform terms where possible.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/log-audit.md .../blob/main/articles/security/fundamentals/log-audit.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows-first bias in several areas. Windows tools and patterns, such as the Windows Event Log service, are mentioned before their Linux equivalents (e.g., Syslog). There is a lack of concrete Linux-specific examples or guidance, and Windows diagnostic tools are referenced by name, while Linux logging is only briefly mentioned. This may make the documentation less accessible or actionable for Linux users.
Recommendations
  • Provide Linux-specific examples and guidance alongside Windows examples, such as detailed steps for configuring Syslog collection and forwarding in Azure.
  • When listing log types or tools, present Windows and Linux options with equal prominence, or alternate their order to avoid implicit prioritization.
  • Reference Linux-native tools (e.g., rsyslog, journald) and their integration with Azure Monitor or other Azure services.
  • Include example commands or configuration snippets for both Windows (e.g., PowerShell, Event Viewer) and Linux (e.g., shell commands, log file paths).
  • Clarify in tables and text that both Windows and Linux are supported, and provide links to Linux-specific documentation where available.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/infrastructure-operations.md ...les/security/fundamentals/infrastructure-operations.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific technologies (e.g., 'Microsoft Monitoring Agent', 'Azure SQL Database Windows Fabric platform', 'Active Directory Federation Services') without mentioning Linux or cross-platform equivalents. There are no examples or references to Linux-based monitoring agents, authentication methods, or operational tooling, and the term 'Windows' is explicitly used in the context of the Fabric platform. The documentation assumes a Windows-centric environment for management and monitoring, omitting Linux or open-source alternatives.
Recommendations
  • Include references to Linux-based monitoring agents (e.g., OMS Agent for Linux, Azure Monitor Agent) and describe how monitoring/logging is handled on Linux hosts.
  • Mention cross-platform or Linux-native authentication and access control methods (such as integration with PAM, SSH, or SSSD) where relevant.
  • If the Azure SQL Database Fabric platform is Windows-only, clarify this and provide information on equivalent Linux-based services or note the lack thereof.
  • Provide examples or descriptions of operational tooling and workflows for both Windows and Linux environments to ensure parity.
  • Avoid using 'Windows' in platform names or descriptions unless it is strictly Windows-only, and clarify platform support where possible.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/paas-applications-using-app-services.md ...y/fundamentals/paas-applications-using-app-services.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation page demonstrates a Windows bias by providing a specific security configuration example (Dynamic IP Security via web.config) only for App Service on Windows, without mentioning equivalent methods for Linux-based App Service. It references Windows-specific tooling (web.config, IIS) and omits Linux-native approaches or configuration files, leading to an incomplete experience for Linux users.
Recommendations
  • Include equivalent instructions or references for restricting IP addresses on App Service for Linux, such as using app-level configuration, .htaccess (for Apache), or nginx configuration files.
  • When mentioning Windows-specific features (like web.config or IIS), immediately follow with Linux alternatives or note if a feature is unavailable.
  • Add explicit examples or links for Linux-based App Service security configurations to ensure parity.
  • Review other sections for similar patterns and ensure cross-platform coverage throughout the documentation.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/isolation-choices.md ...in/articles/security/fundamentals/isolation-choices.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
🔧 Windows Tools Windows First Powershell Heavy Missing Linux Example
Summary
The documentation demonstrates a Windows bias by referencing Windows-specific tools and technologies (such as BitLocker, Windows Firewall, Active Directory Federation Services, and Group Policy) without equivalent emphasis or examples for Linux. Windows terminology and tools are often mentioned first or exclusively, and there is a lack of Linux-specific operational guidance or examples, especially in areas like VM administration, disk encryption, and identity management.
Recommendations
  • Provide Linux-specific operational examples and guidance alongside Windows examples, especially for VM administration, disk encryption, and identity management.
  • When mentioning Windows tools (e.g., BitLocker, Group Policy, Windows Firewall), also mention and briefly describe the Linux equivalents (e.g., dm-crypt, iptables/firewalld, PAM/SSSD for identity).
  • Avoid using Windows terminology as the default; instead, use cross-platform or neutral terms where possible, or explicitly mention both Windows and Linux.
  • Include Linux command-line examples (e.g., Bash, CLI) where PowerShell or Windows GUI steps are referenced.
  • Ensure that references to documentation or quickstarts include both Windows and Linux versions, especially in 'Next Steps' and operational sections.
  • Highlight Azure features or services that are platform-agnostic or provide parity between Windows and Linux, and call out any differences or limitations for Linux users.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/management.md ...blob/main/articles/security/fundamentals/management.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools Powershell Heavy
Summary
The documentation page demonstrates a strong Windows bias throughout. It consistently references Windows-specific tools (such as AppLocker, Hyper-V, Group Policy, BitLocker, Windows Firewall, and PowerShell) as the primary or only examples for hardening, management, and security. There are no equivalent Linux tools or workflows mentioned, nor are there any Linux-specific examples or guidance for securing non-Windows management endpoints. The language assumes Windows as the default management environment, with no discussion of Linux-based administrative workstations or tools.
Recommendations
  • Add parallel Linux examples and recommendations throughout, such as using iptables/nftables for firewalling, AppArmor/SELinux for application control, and open-source VPN solutions.
  • Include Linux-based management workstation hardening guidance (e.g., minimal install, sudoers configuration, SSH key management, Linux patching best practices).
  • Reference cross-platform Azure management tools (e.g., Azure CLI, which is available on Linux/macOS/Windows) and provide usage examples for both PowerShell and Bash.
  • Mention Linux equivalents for Windows security features (e.g., dm-crypt/LUKS for disk encryption, auditd for auditing, systemd services for restricting execution).
  • Discuss Linux domain integration options (e.g., using SSSD/realmd for joining Linux systems to Active Directory or Azure AD).
  • Balance the order of presentation so that Linux and Windows approaches are given equal prominence, or at least acknowledge Linux as a first-class management platform.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/operational-checklist.md ...rticles/security/fundamentals/operational-checklist.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific protocols (e.g., SMB 3.0) and tools without equivalent Linux examples or alternatives. In the 'Data Protection & Storage' section, SMB (a Windows-native protocol) is mentioned for Azure File Shares, but there is no mention of NFS or Linux mounting instructions. Additionally, the order and phrasing often present Windows approaches or terminology first, and some links (e.g., Azure Disk Encryption for Windows VMs) are duplicated or misdirected, while Linux-specific guidance is less visible or missing.
Recommendations
  • Include Linux-specific protocols and tools (e.g., NFS for Azure File Shares) alongside or before Windows examples.
  • Provide explicit Linux command-line or configuration examples where Windows tools or protocols are referenced.
  • Ensure parity in documentation links: for every Windows-specific link (e.g., Azure Disk Encryption for Windows VMs), provide and correctly link to the Linux equivalent.
  • Avoid referencing Windows protocols (such as SMB) exclusively; mention cross-platform or Linux-native options where available.
  • Review the checklist for opportunities to add Linux administration and security best practices, not just those that align with Windows environments.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/paas-deployments.md ...ain/articles/security/fundamentals/paas-deployments.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a moderate Windows bias. Remote management protocols are listed as SSH, RDP, and PowerShell remoting, with RDP and PowerShell (both Windows-centric) mentioned alongside SSH but without Linux-specific management tools or examples. The use of PowerShell for Azure management is referenced multiple times, and there are no Linux command-line or management tool examples. The documentation also refers to Microsoft Entra and other Microsoft-specific technologies without mentioning cross-platform or open-source alternatives, and does not provide parity for Linux users in terms of security tooling or operational patterns.
Recommendations
  • When listing remote management protocols, provide Linux-first or at least equal examples (e.g., SSH, SCP, SFTP, and mention Linux-native management tools such as Ansible or Bash scripting for automation).
  • Include Linux command-line examples for Azure management, such as using the Azure CLI (az) in Bash, and reference cross-platform tools.
  • When referencing PowerShell, clarify that Azure PowerShell is cross-platform, or provide parallel Bash/Azure CLI examples.
  • Mention open-source identity and authentication solutions (e.g., integration with LDAP, SSSD, or other federated identity providers) where appropriate.
  • Ensure that security best practices and tooling recommendations are not limited to Microsoft or Windows-specific solutions, but also include guidance relevant to Linux-based deployments.
  • Add explicit notes or sections for Linux administrators, highlighting any differences or additional considerations.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/ransomware-detect-respond.md ...les/security/fundamentals/ransomware-detect-respond.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by focusing exclusively on Microsoft and Windows-centric tools (e.g., Microsoft Defender for Cloud, Defender for Endpoint, PowerShell logs), and by omitting Linux-specific guidance, tools, or examples. There are no references to Linux event logs, Linux endpoint protection, or incident response workflows for non-Windows systems. The examples and recommendations assume a Windows environment and do not address Linux or cross-platform scenarios.
Recommendations
  • Include equivalent Linux guidance for detection and response, such as monitoring Linux audit logs, syslog, or journald for ransomware indicators.
  • Mention Linux-compatible security solutions (e.g., Microsoft Defender for Endpoint on Linux, or third-party EDR/XDR tools) alongside Windows tools.
  • Provide examples of how to isolate or remediate compromised Linux systems, including relevant commands or procedures.
  • Reference Linux-specific attack vectors (e.g., SSH brute force) and mitigation strategies.
  • Ensure that any mention of PowerShell or Windows Event Logs is paired with Linux equivalents (e.g., Bash history, auditd logs).
  • Clarify that the recommendations apply to both Windows and Linux environments, or provide separate sections/examples for each platform.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/overview.md ...s/blob/main/articles/security/fundamentals/overview.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Powershell Heavy Missing Linux Example
Summary
The documentation demonstrates a moderate Windows bias. While it mentions Linux support in some areas (e.g., Azure Disk Encryption for Linux VMs, Azure Backup for Linux), Windows tools, technologies, and patterns (such as IIS, BitLocker, and PowerShell) are often referenced first or exclusively. Several diagnostic and configuration examples reference Windows-specific features (e.g., IIS trace logs, BitLocker, PowerShell cmdlets) without providing equivalent Linux guidance or examples. Linux tools and workflows are mentioned less frequently and sometimes only in passing.
Recommendations
  • Provide Linux-specific examples and workflows alongside Windows ones, especially for configuration, diagnostics, and security operations.
  • When referencing Windows tools (e.g., PowerShell, IIS, BitLocker), include equivalent Linux tools (e.g., Bash/CLI, Apache/Nginx logs, dm-crypt/LUKS) and instructions.
  • Avoid presenting Windows technologies or tools first by default; instead, present both Windows and Linux options in parallel where possible.
  • Expand sections that mention Linux only in passing (e.g., 'Azure Disk Encryption for Linux VMs') with concrete usage examples and links to relevant Linux documentation.
  • Ensure that all code snippets, command-line instructions, and troubleshooting steps are available for both Windows and Linux environments.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/ransomware-prepare.md ...n/articles/security/fundamentals/ransomware-prepare.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation page demonstrates a Windows and Azure-centric bias by exclusively referencing Microsoft and Windows-based tools (e.g., Microsoft Defender, Azure Backup, MARS agent, Active Directory) and omitting Linux-specific examples or tools. Backup and recovery guidance is focused on Azure and Windows Server, with no mention of Linux backup strategies or tools. There are no Linux command-line or open-source tool examples, and the guidance assumes a Microsoft ecosystem, which may not be representative of mixed or Linux-heavy environments.
Recommendations
  • Include examples and guidance for Linux systems, such as using rsync, tar, or open-source backup solutions (e.g., Bacula, Duplicity, Restic) for backup and recovery.
  • Mention Linux-native security tools (e.g., auditd, SELinux, AppArmor, ClamAV) alongside Microsoft Defender and Azure tools.
  • Provide parity in incident response and malware analysis sections by referencing Linux log sources (e.g., syslog, journald), authentication systems (e.g., PAM, LDAP), and forensics tools (e.g., Sleuth Kit, Volatility).
  • When listing backup options, include Linux on-premises and cloud backup strategies, not just Windows Servers and Azure-native solutions.
  • Balance references to Active Directory with mentions of common Linux directory/authentication solutions.
  • Explicitly state that the guidance applies to multi-platform environments and provide links or references to Linux and open-source documentation where appropriate.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/ransomware-features-resources.md ...security/fundamentals/ransomware-features-resources.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by referencing Windows-specific tools and authentication methods (e.g., Windows Hello) before or instead of Linux equivalents, and by omitting concrete Linux-focused examples or tools. While the text mentions that Microsoft Defender for Cloud protects both Linux and Windows, practical examples, screenshots, and tool references are either Windows-centric or generic, with no Linux-specific guidance or parity in authentication or system management features.
Recommendations
  • Provide explicit Linux-focused examples and screenshots alongside Windows ones, especially when demonstrating threat detection, backup, or remediation steps.
  • When listing authentication options, mention Linux-compatible passwordless and multifactor authentication solutions (e.g., FIDO2, PAM modules, Linux desktop integrations) alongside Windows Hello.
  • Include references to Linux-native tools and patterns (such as SSH key management, Linux firewall configuration, or integration with Linux SIEM agents) where Windows tools are mentioned.
  • Ensure that all actionable recommendations and feature descriptions clarify support for both Linux and Windows, and provide links to Linux-specific documentation where available.
  • Balance the order of presentation so that Linux and Windows are given equal prominence, rather than defaulting to Windows-first language or examples.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/subdomain-takeover.md ...n/articles/security/fundamentals/subdomain-takeover.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 3 bias types
Detected Bias Types
Powershell Heavy Windows First Missing Linux Example
Summary
The documentation demonstrates a Windows/PowerShell bias by exclusively providing PowerShell-based tooling and scripts (e.g., Get-DanglingDnsRecords.ps1), referencing PowerShell in the 'Next steps', and omitting any Linux-native or cross-platform CLI examples. There is no mention of Bash, Azure CLI, or Linux-specific instructions, which may hinder Linux users or those preferring non-Windows environments.
Recommendations
  • Provide equivalent examples using Azure CLI (az) commands, which are cross-platform and commonly used on Linux and macOS.
  • Include Bash script examples or instructions for running the detection and remediation steps on Linux systems.
  • Clarify whether the provided PowerShell scripts are compatible with PowerShell Core (pwsh) on Linux/macOS, and provide installation guidance if so.
  • Reference or link to any available open-source or third-party tools that can be run natively on Linux for detecting dangling DNS records.
  • Ensure that all prerequisite and setup instructions include both Windows and Linux environments (e.g., how to authenticate to Azure, install required modules, etc.).
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-configuration-management.md ...velop/threat-modeling-tool-configuration-management.md
High Priority View Details →
Scanned: 2025-07-13 21:37
Reviewed by: Unknown
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Powershell Heavy Missing Linux Example
Summary
The documentation exhibits a strong Windows bias, with nearly all configuration and code examples tailored to Windows-centric technologies (ASP.NET, IIS, web.config, BitLocker, Windows Firewall, WCF, etc.). There are no Linux or cross-platform equivalents provided for key security practices, and Windows tools and patterns are mentioned exclusively or before any alternatives. Linux/Unix-based approaches, tools, or configuration examples are entirely absent, even for generic security recommendations.
Recommendations
  • For every configuration or code example using Windows-specific tools (e.g., web.config, IIS, BitLocker, Windows Firewall), provide equivalent instructions for Linux environments (e.g., Apache/Nginx configuration, iptables/firewalld, LUKS/dm-crypt for disk encryption).
  • Include cross-platform or Linux-specific code/configuration snippets alongside Windows examples, especially for HTTP headers (CSP, X-Frame-Options, X-Content-Type-Options) and CORS setup.
  • Reference Linux/Unix security tools and best practices (e.g., SELinux, AppArmor, fail2ban, systemd service hardening) where relevant.
  • Mention open-source and cross-platform frameworks (e.g., Node.js, Django, Flask, Spring) in addition to ASP.NET and WCF, and provide examples for those stacks.
  • When discussing Azure-specific features, clarify which recommendations are applicable to Linux-based Azure services and provide relevant guidance.
  • Explicitly state when a recommendation is Windows-only, and offer alternative approaches for non-Windows environments.
GitHub Create Pull Request
Previous Page 9 of 16 Next