Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Identifies when sensitive Azure Key Vault operations are used. This includes: VaultDelete, KeyDelete, SecretDelete, SecretPurge, KeyPurge, SecretBackup, KeyBackup. Any Backup operations should match with expected scheduled backup activity.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Azure Key Vault |
| ID | 884ead54-cb3f-4676-a1eb-b26532d6cbfd |
| Severity | Low |
| Status | Available |
| Kind | NRT |
| Tactics | Impact |
| Techniques | T1485 |
| Required Connectors | AzureKeyVault |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AzureDiagnostics 🔶 |
ResourceType == "VAULTS" |
? | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊