Crawl stage: Planning, building, and assessing
The crawl stage starts with planning. Planning involves determining the security scope and choosing the model that best fits your organization. After you establish the plan, you can start building a foundation. This is followed by assessing your current security posture and setting up a discipline as soon as you build the security infrastructure. The crawl stage is iterative. Iteration in the cloud is faster than iteration in an on-premises environment. As you mature your cloud capabilities, the process for iteration accelerates.
The following are the phases in the crawl stage: