Runecast Analyzer 5.0 with Azure analysis


Runecast released the new Runecast Analyzer 5.0 providing the capability to analyze the Azure environment against best practices and compliance with CIS Benchmarks security standard.

The new release introduces also the Australian Signals Directorate (ASD) Essential 8 and a new licensing model for a better flexibility.


Runecast Analyzer 5.0 features


Azure analysis

Version 5.0 provides the capability to analyze Azure environment by presenting the results in a new dedicated dashboard as well as the global view. This new feature is licensed as a separate module and it is based on VM instances, SQL (DB and Server), and Azure Functions.

Runecast Analyzer covers the following services in Azure:

  • Azure Active Directory
  • Azure App Services
  • AKS (Azure Kubernetes Service)
  • Disks
  • Key Vault
  • MySQL Server
  • Network Security Groups
  • PostgreSQL Server
  • SQL Server
  • Storage Accounts
  • Subscriptions
  • Virtual Machines

Enable Azure analysis

To analyze Azure, you need first to connect Runecast Analyzer to your Azure account by creating in Azure Directory an Application ID and the Client Secret.

To retrieve your application Azure account, login to and go to Azure Active Directory > App registration area then click on the desired application.


Write down Application (client) ID and Directory (tenant) ID.


Go to Certificates & secrets section and retrieve the Client secret.


In Runecast Analyzer, go to Settings > Connections and click Add Azure under Azure connection settings.


Paste Directory (tenant) ID, Application (client) ID, and Client Secret values previously copied. Click Continue.


When the connection has been established, click Finish.


The connected Directory (tenant) and Application (tenant).


From the All Systems drop-down menu, also the Azure system is now displayed.


Version 5.0 provides a new and dedicated Azure Dashboard. Click on Analyze now to check your Azure environment against best practices and security compliance.



Australia’s Essential 8 standard

Runecast already introduced in previous releases the support for security standards such as CIS Benchmarks, NIST, ISO 27001, GDPR, DISA STIG, PCI-DSS, HIPAA, BSI IT-Grundschutz (Germany), Cyber Essentials (UK), and VMware Security Configuration Guide.

In version 5.0, Runecast provides the region-specific Australia's Essential 8 standards that allows to identify and mitigate an array of compliance of risk, security issues throughout IT infrastructure from a single pane of glass.

To enable this new feature, go to Settings > Knowledge Profiles and click on the Edit button.


Select Essential Eight profile and click Update.


The new security profile has been enabled.



New licensing model

To optimize costs based on the production environment, Runecast 5.0 introduces a new licensing model dividing the licensing in two main areas:

  • vSphere environment
  • Public Cloud environment

AWS, Azure and Kubernetes - these licenses are now separated from the existing VMware licensing. This model removes the vSphere dependency avoiding to license hosts that in these environments are useless.

Billable assets for the public cloud environment are the following:

  • Azure - VM instances, SQL (DB and Server), and Azure functions
  • AWS - EC2 instances, RDS instances and Lambda functions
  • Kubernetes - Nodes

For VMware environment, Runecast is licensed per-Socket in use and covers vSphere, vSAN, NSX, Horizon and VMware Cloud Director.

Check out the Licensing & Pricing page for additional info.

In addition, Runecast Analyzer can now be deployed from AWS marketplace and directly to Kubernetes using the Helm charts.


Runecast Analyzer 5.0 is available to download as 14-day trial.


Leave a Reply