Overview
the Cye Exposure Management Platform’s Azure Engagement continuously monitors your Azure environment to identify misconfigurations, potential vulnerabilities, and cloud-specific risks. This article explains how to integrate your Azure tenant with the Cye Exposure Management Platform, create the engagement, and understand what happens once the assessment is live.
Step 1: Define the Azure Integration
Before creating the engagement, connect the Cye platform to your Azure tenant.
Click your user icon in the top-right corner and go to Settings.
In the left-hand menu, select Integrations.
Click the Azure tile:
Fill in the following authentication fields:
Name – A label to identify this integration in the Cye platform
Azure Tenant ID – The ID of the Azure tenant to be assessed
Click Authenticate. You’ll be redirected to a Microsoft login page:
Sign in with an account that has Global Administrator rights.
Review the requested read-only permissions and click Accept.
✅ the Cye platform installs a CYE Azure Enterprise application with Global Reader access. You’ll see a confirmation once the authentication is validated:
[Optional] Include Azure Subscriptions
If your tenant has subscriptions, the Cye platform strongly recommends including them:
Toggle My Azure environment includes subscriptions to On
Follow the displayed steps to authorize access across subscriptions
Log in to Azure Portal
Open the Cloud Shell
Set up storage if prompted:
Copy the PowerShell script from the Cye platform and run it in the shell:
This script grants the CYE app Reader access to all subscriptions
Once complete, return to the Cye platform and click Save
A green banner will confirm that your Azure integration is successfully configured:
Step 2: Create the Azure Engagement
In the Cye platform, click the Engagements icon in the left navigation.
Click + New Engagement.
Fill out the following:
Engagement Name – Free-text label (e.g., “CustomerX – Azure Risk Assessment”)
Engagement Type – Select Azure:
Schedule Time – Defaults to Continuous and cannot be changed
Start Date / End Date – Define the assessment period
Short Description (optional)
Customer Restrictions (optional) – Any notes for the CYE team
Click Next
Step 3: Define the Scope
On the Assessment Scope page, select your previously created Azure integration:
If no integration is listed, click New/Modify Definition to create one
Click Create to finalize the engagement.
Step 4: Assign Members
Select users or groups that should have access to this engagement
Only added members will be able to view results like findings and assets
Click Done
What Happens Next?
The engagement will appear in Pending status
The CYE services team will activate it
Once active, the Cye platform will begin continuous scanning of your Azure environment
What You’ll See:
Vulnerability Findings – Automatically identified misconfigurations and exposures
Potential Findings – Issues flagged for your team to validate
Remediation Assets – Linked to each finding and automatically tracked
Automatic Remediation Verification – the Cye platform updates status when fixes are detected
All results are surfaced in your Findings view, and contribute to your Exposure Metrics and Mitigation Plans.
Important notes
A completed Azure integration is required before engagement setup
You must have Global Admin rights for authentication
Including subscriptions is optional but highly recommended
The engagement runs continuously once activated
Wrap-up / Next Steps
Azure environments can be complex — the Cye platform makes them easier to secure. Once activated, this engagement runs in the background, flagging misconfigurations and helping you prioritize what to fix next. It’s one of the most powerful ways to maintain real-time cloud visibility.