Microsoft Launches Cloud Katana Into Open-Source

Microsoft Launches Cloud Katana Into Open-Source

Microsoft is launching Cloud Katana, its Azure-backed cloud security assessment tool, into open-source, according to a blog post on the company’s website. The solution is a cloud-native serverless application built on Azure Functions to provides secure access to Azure resources. While it currently only works with Azure, Microsoft is working to make it compatible with other cloud providers.

Our MSP Buyer’s Guide contains profiles on the top managed cloud service providers for AWS, Azure, and Google Cloud, as well as questions you should ask vendors and yourself before buying. We also offer an MSP Vendor Map that outlines those vendors in a Venn diagram to make it easy for you to select potential providers.

Publicly released in 2010, Microsoft’s cloud computing environment, Azure, offers tools and frameworks for businesses to develop, manage, and deploy applications on a global network. It delivers a variety of SaaS and PaaS services in its public cloud environment. However, Microsoft also extends its Azure offerings to its hybrid cloud service Azure Stack, which allows users with an on-premise or hybrid infrastructure to take advantage of Azure services.

Delivered through a serverless execution model, Cloud Katana provides attack simulations documented in a YAML-based format to aggregate metadata for security analysis. The solution uses Azure AD to authenticate clients, allowing administrators to easily manage identities. Microsoft is also experimenting with extending these features to work with on-premise deployments.

In the company’s blog post on the announcement, principal threat researcher Roberto Rodriguez stated: “Cloud Katana is a cloud-native solution that relies on platform as a service (PaaS) concepts to provide a simplified and scalable event-driven solution without worrying about deploying and maintaining the underlying infrastructure used to execute simulations. To meet this need, Cloud Katana uses Azure Functions to abstract the operating system layer from the code through a pay-per-execution billing model that automatically scales based on trigger invocations.”

Learn more about Cloud Katana here.


Daniel Hein