> The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by ProPublica. > > Or, as one member of the team put it: “The package is a pile of shit.”
Yes, it seems pretty clear from that quote that the reviewer said the security package was a `pile of shit`, and propublica went on to extend that to the cloud itself. Not that I want to comment on the merits of Azure's security, but that sounds pretty clickbaity from propublica to me. A more appropriate title would have been
> Federal Cyber Experts Thought Microsoft’s Cloud Security documentation Was “a Pile of Shit.”
MS was (and still is it seems) unable to produce the data flow diagrams that FedRAMP wanted, ones that other cloud providers had no problem with. If the documentation is in such dire state, then the system itself is likely to also be in a dire state. I.e. The documentation is a pile of shit, so the system is also a pile of shit.