Refresh Azure CIS v6 Entra scope #319

Closed
x0tta6bl4-ai wants to merge 1 commit into UnitOneAI:main from x0tta6bl4-ai:improve/azure-cis-v6-entra-boundary-209

@x0tta6bl4-ai

Summary

  • Refreshes azure-review from a CIS Azure v2.1.0-only model to CIS Microsoft Azure Foundations v6.0.0-aware reporting.
  • Adds benchmark preflight fields for version, source date, evidence source, legacy baseline, Entra scope handling, and denominator source.
  • Separates Entra ID/Microsoft 365 identity evidence from current Azure Foundations scoring unless explicitly included as Microsoft 365/Entra scope or legacy v2.1.0.
  • Replaces the stale nine-section v2.1.0 checklist with v6-aware Azure service-family guidance, version mapping rules, scoring rules, and legacy handling.
  • Adds benign and vulnerable fixtures showing correct Entra boundary handling versus a stale v2.1.0 report that scores Entra controls as current Azure compliance.

Bounty

  • Closes [REVIEW] azure-review: refresh CIS Azure v6 scope and Entra boundary #209
  • Category: Skill Improvement
  • Suggested tier: Moderate ($100) because this updates the default benchmark baseline, output schema, Entra boundary model, scoring rules, checklist guidance, references, and fixtures.
  • Preferred payment method: crypto to 0x6017613e80d7893EB2aD5c0585b3f1f88CD6e099

Verification

  • git diff --check
  • Markdown fence balance check for touched markdown files
  • Frontmatter delimiter check for skills/cloud/azure-review/SKILL.md
  • Markdown table column check for touched markdown files
  • Link checks returned HTTP 200 for CIS May 2026 update, CIS Azure benchmark page, NIST NCP checklist, Microsoft Defender for Cloud docs, Microsoft Entra docs, Azure Storage security guide, Azure Key Vault best practices, Azure App Service security, and Terraform AzureRM provider docs
  • CIS May 2026 content check confirmed CIS Microsoft Azure Foundations Benchmark v6.0.0, 1 recommendation added, 17 updated, 30 deleted, and Entra ID recommendations migrated to CIS Microsoft 365 Foundations Benchmark
  • NIST NCP content check confirmed public CIS Microsoft Azure Foundations Benchmark checklist record v4.0.0, Checklist ID 1278, publication/update dates

Sources

Bounty Terms

  • I have read and agree to the CONTRIBUTING.md bounty terms.
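
The Entra boundary rule from the Summary, as an added example that is not code from this PR or from the azure-review skill: Entra controls stay out of the Azure Foundations denominator under v6.0.0 unless a Microsoft 365/Entra scope is explicitly included, and count toward the Azure score only under the legacy v2.1.0 baseline. The field names, control ids and sample findings are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    control: str   # hypothetical control id, not a CIS recommendation number
    family: str    # "azure" or "entra"
    passed: bool

# Constructed sample findings for illustration only.
SAMPLE = [
    Finding("storage-secure-transfer", "azure", True),
    Finding("keyvault-purge-protection", "azure", False),
    Finding("appservice-https-only", "azure", True),
    Finding("entra-mfa-privileged-users", "entra", False),
    Finding("entra-guest-invite-restrictions", "entra", False),
]

def score(findings, baseline="v6.0.0", include_entra_scope=False):
    """Return pass/total counts per scope, applying the Entra boundary rule."""
    if baseline not in ("v6.0.0", "v2.1.0"):
        raise ValueError(f"unsupported baseline: {baseline}")
    scopes = {"azure_foundations": [], "m365_entra": [], "excluded": []}
    for f in findings:
        if f.family == "azure":
            scopes["azure_foundations"].append(f)
        elif f.family == "entra" and baseline == "v2.1.0":
            # Legacy baseline: Entra controls still sit in the Azure denominator.
            scopes["azure_foundations"].append(f)
        elif f.family == "entra" and include_entra_scope:
            # Current baseline: scored, but under a separate scope.
            scopes["m365_entra"].append(f)
        else:
            # Out of scope (or unknown family): listed, never scored.
            scopes["excluded"].append(f)
    report = {"baseline": baseline, "legacy": baseline == "v2.1.0"}
    for name in ("azure_foundations", "m365_entra"):
        items = scopes[name]
        report[name] = {"passed": sum(f.passed for f in items),
                        "total": len(items)}
    report["excluded_controls"] = [f.control for f in scopes["excluded"]]
    return report

if __name__ == "__main__":
    for kwargs in ({}, {"include_entra_scope": True}, {"baseline": "v2.1.0"}):
        print(kwargs, score(SAMPLE, **kwargs))
```

On the sample, the legacy run reports 2 of 5 for Azure where the v6.0.0 run reports 2 of 3, which is the denominator shift a stale report would silently present as current Azure compliance.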

@x0tta6bl4-ai x0tta6bl4-ai force-pushed the improve/azure-cis-v6-entra-boundary-209 branch from 556c7f7 to 7521044 Compare June 3, 2026 11:56
@kamalsrini

Contributor

Thanks for contributing to SecuritySkills, and for your interest in the project 🙏

We're resetting the contribution queue, so we're closing the currently open PRs — this isn't a reflection of your work, and you're welcome to resubmit.

When you do, please include evidence that the skill was actually used: the skill run against a real repository, with the findings it produced. That's how we recognize genuinely useful contributions, and it's where strong work stands out. The PR template lays out exactly what to include: https://github.com/UnitOneAI/SecuritySkills/blob/main/.github/PULL_REQUEST_TEMPLATE.md

@kamalsrini kamalsrini closed this Jun 15, 2026
Development

Successfully merging this pull request may close these issues.

[REVIEW] azure-review: refresh CIS Azure v6 scope and Entra boundary