Azure · IAM · AI Security · Architecture

Your shield for Cloud, Identity & AI Security

Practitioner-grade insights on Azure security, identity architecture, data protection, and securing AI systems — built by a security architect, for the community.

Read the blogExplore free tools
6
Security domains
OSS
Free & open source
कवच
Shield in Sanskrit
scroll
Coverage areas

Six domains. One shield.

☁️

Azure cloud security

Azure

Secure landing zones, Defender for Cloud, Sentinel, and cloud-native architecture patterns.

🔑

IAM & identity

IAM

Entra ID, Zero Trust, PIM, Conditional Access, and identity threat detection.

🗄️

Data security

Data

Microsoft Purview, data classification, DLP strategies, and encryption at scale.

📋

Security assessment

Assessment

Assessment frameworks, methodologies, reporting templates, and risk scoring.

🏗️

Security architecture

Architecture

SABSA, threat modeling, reference architectures, and design principles.

🤖

AI security

AI

LLM threat modeling, OWASP AI Top 10, securing Azure OpenAI and Copilot.

Latest insights

From the blog

All posts →
AI SecurityFeatured

AI threat modeling: what most teams get wrong

Why traditional threat models fail for LLM-based systems and how to design ones that actually work.

Jan 20258 min read
Read →
IAM

Zero Trust identity in Azure — a practitioner's guide

Real-world implementation patterns beyond the marketing slides. What works, what doesn't.

12 min readRead →
Azure

Securing your Azure landing zone from day one

Architecture decisions that are hard to reverse — get them right before you scale.

10 min readRead →
Open source

Free tools for practitioners

All tools are free, open source, and built to solve real problems in security teams.

GitHub org →
🧠

AI Threat Model Toolkit

Live

Ready-to-use threat modeling templates for LLM and GenAI applications, mapped to OWASP LLM Top 10. Includes STRIDE analysis and Azure OpenAI examples.

AI SecurityOWASPTemplatesFree
⭐ New
View project
🔍

Azure Security Baseline Checker

Soon

PowerShell + Python scripts to audit Azure subscriptions against CIS benchmarks and output a prioritized remediation report.

AzureCISAutomationPowerShell
⭐ Coming soon
View project
👤

IAM Risk Analyzer

Soon

Identify over-privileged identities, stale accounts, and risky role assignments in Microsoft Entra ID. Outputs a risk dashboard.

IAMEntra IDRiskGraph API
⭐ Coming soon
View project
About

Built by a practitioner, for the community

CyberKavach.ai is a security knowledge hub focused on the intersection of Azure cloud security, identity architecture, and AI security — built by a security architect with hands-on experience designing and assessing enterprise security programs.

The mission is simple: share real, practitioner-grade insights and free tools that help security teams build better defenses — not marketing content.

Azure SecurityIAMAI SecurityArchitectureData SecurityAssessment
📬

Stay sharp

Get security architecture insights, new tool releases, and curated Azure security updates — straight to your inbox. No spam, unsubscribe anytime.

Join security practitioners getting weekly insights