Microsoft Entra ID configurations are too critical to leave not backup or unversioned. With ControlMonkey’s new Entra ID support, your identity layer now receives structured backup, visibility, and recovery coverage – just like your data and cloud infrastructure.

Why Backup and Govern Your Entra ID?

Entra ID defines who can access production systems, cloud resources, and business applications. Yet many identity changes still happen manually – without versioning, drift visibility, or rollback capabilities.

Backing up and governing Entra ID ensures:

• Configuration Cyber Resilience – Recover users, roles, groups, and policies after mistakes or incidents.
• Change Visibility – Track and review identity configuration changes over time.
• Drift Detection – Identify manual changes that bypass Infrastructure as Code.
• Audit Readiness and guardrails  – Have a clear RTO/RPO number for your Idindy layer.  Apply the same compliance guardrails across identity and infrastructure.

Introducing Support for Cyber Resilience

ControlMonkey now supports Microsoft Entra ID backup and recovery.
With this release, teams gain:

• Entra ID Visibility Inventory – Full visibility into users configuration, groups, roles polices, enterprise applications, and policies.
• IaC Blind Spot Detection – See which Entra ID resources are IaC-managed and which are not.
• Daily Entra ID Backup Snapshots – Automated configuration backups.
• Disaster Recovery Time Machine – Restore Entra ID to a previous known-good state 
• Import to IaC – Bring unmanaged identity resources under IaC control.
  

Daily configuration versioning allows teams to investigate access history, recover from misconfigurations, and ensure compliance without manual reconstruction.

Identity Resilience Meets Cloud Governance

See how ControlMonkey reduces risk and brings cyber resilience  daily backup to Entra ID. Turn your identity configuration into code – and your code into control.

Book Intro Call

Azure teams often rely on Bicep alongside Terraform for managing their infrastructure with code, and without unified visibility, recovery gaps go unnoticed until it’s too late.

ControlMonkey now supports Azure Bicep as part of its IaC coverage model, extending visibility and disaster recovery awareness to Azure-native infrastructure.

This capability is available to all ControlMonkey customers starting today.

Key benefits Azure Bicep Backup & Visibility:

• Full visibility into Azure resources managed by Bicep
• Clear separation between codified and non-codified infrastructure
• Improved disaster recovery readiness for Azure-native stacks
• Reduced blind spots during ransomware or cyber incidents
• IaC visibility and recovery coverage across Terraform, CloudFormation, and Bicep

Cloud Infrastructure with Full IaC Visibility

Codified infrastructure can be restored after configuration loss or compromise. Unmanaged resources lack a reliable recovery path.

By including Azure Bicep in its IaC coverage, ControlMonkey helps teams:

• Understand recovery readiness across Azure environments
• Identify hidden DR risks caused by non-codified resources
• Strengthen cloud governance without forcing tool migrations
• Plan incident response with confidence during cyber or ransomware event.

This helps teams understand recovery readiness in environments that use multiple IaC frameworks.

Ready to see what’s recoverable and what isn’t?

Explore Azure Bicep visibility in ControlMonkey today.

With customers like Rapyd, Coralogix, and ReasonLabs already benefiting from compliance visibility, ControlMonkey is raising the bar for proactive cloud governance.

For teams managing their Terraform, OpenTofu, or Terragrunt environments, compliance is often a moving target. The new Cloud Compliance Dashboard in ControlMonkey delivers a unified, drill-down view into your compliance posture across AWS, Azure, and GCP helping you identify gaps before they turn into risks.

Introducing Cloud Compliance Dashboarding

The Compliance Dashboard gives DevOps and Cloud managers the ability to select relevant standards, track consolidated scores, and drill down into failed controls and resources.

Supported frameworks include:

• CIS Benchmarks (2.0, 2.1, 3.0)
• PCI DSS 4.0
• HIPAA Security Rule
• MITRE ATT&CK
• ENS_RD2022 (Spanish National Security Framework)
• DORA Regulation
• And more – Full List below

Teams can move from high-level compliance scores down to specific failed checks, pinpoint which resources triggered non-compliance (for example, an exposed EC2 instance), and shift compliance from reactive audits to proactive prevention.

Stay Ahead with Cloud Governance and Infrastructure Control

The dashboard provides decision-makers with measurable clarity. I Teams can continuously check compliance instead of just reacting to audit findings. They can enforce IaC policies on a large scale and strengthen infrastructure pipelines. This means:

• Improved visibility into your compliance score
• Reduced risk with drill-down checks at the resource level
• IaC alignment through proactive enforcement
• Scalable governance across multi-cloud environments

“When teams gain full visibility and proactive compliance controls, they stop reacting to problems and start preventing them. That’s how you consistently raise your compliance score.” said Ori Yemini, CTO, ControlMonkey

Customer Perspectives

2 of Control monkey customers already enjoying full IaC coverage visibility:

More IaC coverage means fewer security issues — period. What stood out with ControlMonkey was how easy it became to do things the right, modern way. When infrastructure and security teams can finally collaborate by design, that’s when security actually works

Nir Rothenberg

CISO

As a company that manages huge clusters of AWS resources, the ControlMonkey Platform and specifically its GitOps pipeline capabilities is an integral part of our infrastructure deployment process, enabling us to shift left our infrastructure policies, best practices, and guardrails to make sure our production environment is stable, compliant and secure

Yoni Farin

Coralogix

See it for yourself

Join our next Product Showdown to experience the Cloud Compliance Dashboard in action.

Supported Frameworks include:

Find below full list of framework support by cloud provider:

AWS

• CISA
• SOC 2
• CIS Benchmarks (1.4, 1.5, 2.0, 3.0, 4.0.1, 5.0)
• MITRE ATT&CK
• GDPR
• AWS Foundational Security Best Practices
• ISO/IEC 27001:2013 & 2022
• KISA ISMS-P 2023 (incl. Korean version)
• HIPAA Security Rule
• GxP 21 CFR Part 11
• GxP EU Annex 11
• NIST 800-171 Rev 2
• NIST 800-53 Rev 4 & Rev 5
• PCI DSS 4.0 & PCI DSS 3.2.1
• AWS Well-Architected Framework (Security & Reliability Pillars)
• AWS Account Security Onboarding
• AWS Foundational Technical Review
• AWS Audit Manager Control Tower Guardrails
• NIST Cybersecurity Framework (CSF) 1.1
• ENS_RD2022
• RBI Cyber Security Framework
• FFIEC Cybersecurity Assessment
• FedRAMP (Low & Moderate, Rev 4)
• NIS2 Directive

Azure

• PCI DSS 4.0
• SOC 2
• ISO/IEC 27001:2022
• CIS Benchmarks (2.0, 2.1, 3.0, 4.0)
• ENS_RD2022
• MITRE ATT&CK
• NIS2 Directive

GCP

• MITRE ATT&CK
• SOC 2
• CIS Benchmarks (2.0, 3.0, 4.0)
• ENS_RD2022
• PCI DSS 4.0
• ISO/IEC 27001:2022
• NIS2 Directive

Azure Organization Integration is now available in ControlMonkey, making it easier than ever for enterprises to govern and scale their Azure environments. For teams managing their Terraform, OpenTofu, or Terragrunt deployments across multiple subscriptions, this integration eliminates the need to onboard subscriptions one by one – delivering instant visibility, compliance, and automation at scale.

Introducing Azure Organization Integration

With Azure Organization Integration, ControlMonkey now supports seamless onboarding across dozens—or even hundreds—of Azure subscriptions in just a click.
You can also control what subscriptions to connect to ControlMonkey by choosing one or more Azure Management Groups.

Top benefits include:

• One-click onboarding for all Azure subscriptions
• Unified cloud inventory across the entire Azure footprint
• Automated backups spanning every subscription
• Consistent IaC governance across cloud environments
• Enterprise-ready scale to support regulated and governed organizations

“For enterprises operating Azure at scale, onboarding and governance must be frictionless. With Azure Organization Integration, we’re giving customers complete visibility, backup, and IaC governance across every subscription in just one step"

Ori Yemini

CTO, ControlMonkey

ControlMonkey for Cloud Governance 

By extending our multi-cloud enterprise capabilities, Azure Integration ensures teams:

• Gain visibility across all Azure subscriptions without manual setup
• Reduce risk with governed, consistent controls across accounts
• Strengthen IaC adoption and compliance at enterprise scale
• Confidently operate in regulated environments with full coverage

Ready to take control?

Explore Azure Organization today and bring order to your multi-subscription cloud – Lean More in our Product Showdown Next Week.

ControlMonkey now offers a unified Cloud Inventory view. With our latest update, users can search and visualize resources across all cloud providers- AWS, Azure, and GCP in a single dashboard. Whether you’re managing a global architecture or multiple cloud accounts, ControlMonkey brings total Cross Cloud Visibility and control to your fingertips.

Introducing Cross-Cloud Visibility in Cloud Inventory 

With multi-cloud inventory search, ControlMonkey users can now:

• Search and find any resource: like Queues, Load Balancers, or Buckets – across clouds and accounts in seconds
• Instantly spot IaC coverage gaps, including unmanaged resources by cloud, region, and state
• Drill down to any asset and see if it’s managed by IaC, where it the code in your version control system that manages that asset, and by which ControlMonkey stack

Stay Ahead with Cross-Cloud Visibility and Governance

As cloud environments grow in complexity, visibility becomes non-negotiable. ControlMonkey’s new Cloud Inventory ensures DevOps and CloudOps teams can confidently track and govern resources across regions, vendors, and IaC states — Get time with us today!

Unauthorized console operations, aka “ClickOps,” are one of the major causes of Terraform Drifts that lead to costly production misconfigurations. It also bypasses the golden path of deploying infrastructure with a clear SDLC (Software Development Life Cycle)process.
Tracking infrastructure changes, ensuring cloud vs code integrity, and avoiding configuration drifts is an ongoing battle.
Today, we’re happy to bring our ClickOps scanner feature to Azure, giving cloud teams total real-time visibility into every infrastructure change made from the Azure console.

ClickOps Scanner for Azure

In large-scale cloud environments, every change made through the Azure console can potentially cause drifts, misconfigurations, or security risks.
Azure users now have a single source of truth for every change happening across their infrastructure.

ControlMonkey’s ClickOps Scanner for Azure is a simplified insights dashboard where users can easily understand:

• How many Console Operations (ClickOps) have been made on an Azure subscription at a given timeframe
• How many Other Operations (IaC) have been made on an Azure subscription at a given timeframe
• The breakdown of the operations by User
• The breakdown of the operation by Resource
• The complete audit of all cloud events with detailed information for quick investigation

With ClickOps Scanner for Azure, ControlMonkey users can now:

• Monitor every change in real-time across Azure subscriptions, whether intentional or unexpected.
• Resolve Terraform Drifts faster by quickly detecting the Cloud Event (ClickOps) that caused the configuration drift and shorten investigation and resolution times.
• Ensure compliance and security by keeping a complete audit trail of all infrastructure changes made through code or the console.
• Speed up debugging and root cause analysis. Quickly trace changes back to their source and understand the impact of every action.

Total Cloud Control for Azure

The ControlMonkey Terraform Automation Platform helps Azure users standardize, optimize, and secure their cloud infrastructure. ControlMonkey provides the necessary solutions to achieve Total Cloud Control with Terraform, whether managing a few subscriptions or an enterprise-scale Azure deployment.

Ready to take control of your infrastructure?
Meet with our Terraform experts for a 30-minute technical call to learn more.

Today, we are pleased to announce another milestone in our support for Azure with the release of our Custom Terraform Modules Creation Wizard.

Following the major announcement of our Terraform Import Engine for Azure, our Azure users can now build custom Terraform modules with just a few clicks.
This enhancement makes our Terraform Import Engine a 360 automated solution that simplifies the import of Azure resources to Terraform.

Rather than spending time manually writing Custom Terraform Modules, the ControlMonkey Terraform Import Dashboard provides the easiest way to create modules with a user-friendly wizard in a few clicks.

After selecting which resources to bundle together, ControlMonkey automatically generates the Terraform module code. It’s as easy as that.

After the code is generated, users can rename the resources and extract variables to customize it even further.  

ControlMonkey saves cloud engineers precious time and improves productivity: 

• Automatically generates the Terraform module code rather than manually.
• Determines the relationship between the resources by leveraging ControlMonkey’s
  ‘Smart Stacking’ technology.
• Replicates resources or environments in a fast and productive way. 

Do you have Azure infrastructure that you’re looking to manage with Terraform?
ControlMonkey offers the easiest and most swift way to do it.

Are you interested in learning more and seeing it for yourself?
Book a 30-minute technical discussion with our Terraform Experts.

In the past few months, our engineering team has been developing more and more Azure capabilities to enhance our multi-cloud support of the ControlMonkey Platform.
With exciting releases such as Resource Explorer, Managed Policies, and Azure IaC Coverage, our Azure users can now leverage advanced Terraform Automation solutions to manage and govern their Azure environments.

So, we are delighted to announce that we have released ControlMonkey’s Terraform Import Engine for Azure Users!

ControlMonkey’s Terraform Import Engine for Azure

Starting today, ControlMonkey users with legacy infrastructure can easily shift their Azure resources to Terraform with our AI-powered Terraform Code Generator.
ControlMonkey’s Terraform Import Engine automatically detects Azure resources not managed with Terraform and generates the code representing the resources’ current state with a single click.
Our platform also generates the Terraform state file, so you don’t need to run any ‘Import’ commands or use any ‘Import’ blocks within your code and then run ‘Apply.’

Using our Smart Stacking contextual algorithm, we can identify which resources are related to each other and automatically generate ready-to-import stacks.

Importing 1000s of Azure resources to Terraform has never been easier:

• Visualize how many resources are not managed with Terraform and their cost with the option to filter by region.

• Select the stacks to import to Terraform and choose the import method. You can also search and filter by resource type.

• Get a 100% verified Terraform code and state file that matches your resource’s configuration.

Benefits of leveraging ControlMonkey’s Terraform Import Engine for Azure:

1. Generate Terraform code in 75% less time.
2. Increase Terraform coverage to 99%.
3. Out-of-the-box automatic custom Terraform Module creation.
4. Save thousands of DevOps hours by eliminating manual Terraform code writing.

Do you have Azure infrastructure that you’re looking to shift to Terraform?
ControlMonkey offers the easiest and most swift way to do it.
Are you interested in learning more and seeing it for yourself? Book a 30-minute technical discussion with our Terraform Experts.

2 months ago, we announced the support of Resource Explorer for Azure environments, which was the first major release for ControlMonkey on Azure.
We’re happy to announce another milestone in our multi-cloud support with ControlMonkey
IaC Coverage Dashboard for Azure.

Starting today, ControlMonkey customers with Azure environments can gain visibility into their Azure Subscriptions and understand:

1. What is their IaC coverage across their subscription
2. What is the IaC coverage per region
3. How many resources are unmanaged by IaC

As well as:

1. Top Azure resources and their IaC coverage
2. IaC Coverage over time
3. IaC Distribution across IaC tools

With this new capability, companies running Azure workloads at scale with multiple subscriptions in multiple regions can get a bird’s-eye view of their IaC coverage.

The release of Azure IaC Dashboard reinforces ControlMonkey’s multi-cloud capabilities and provides our customers with a centralized view across clouds, subscriptions/accounts, and regions.

This is just the tip of the iceberg. We have many exciting new capabilities for our Azure customers planned until the end of the year, so stay tuned!

Running on Azure? Our team would love to jump on a call and show you how ControlMonkey can help.

We are excited to announce another milestone in our multi-cloud support, with a major enhancement to our Terraform CI/CD solution.
Starting today, ControlMonkey’s Managed Security Policies are also available for Azure Cloud!

These Security Policies are predefined, managed, and maintained by ControlMonkey.
Rather than writing and maintaining common security policies with OPA, you get managed security policies that are enforced whenever someone changes your Terraform code right out of the box.

Cloud Engineering teams can granularly select which unit of deployment the Security Policy will be enforced and the enforcement level (warning or block).
So, if you need to separate and divide your policy enforcement across environments, you can easily do that with ControlMonkey.

The benefits of Managed Security Policies:

• You get a library of pre-defined security policies straight out of the box.
• Save time on writing, managing, and maintaining these policies.
  ControlMonkey does all the heavy lifting for you.
• By shifting left your security, you are:
  • Preventing security issues before they reach production
  • Saving time on manual code review.
  • Enable a proactive operations mode Vs. reacting to security misconfigurations.
  • Educating Cloud Engineering teams on the organization’s security standards.

If you’re using Azure today and looking to turn on your proactive mode, let’s talk.