Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Compromised agent pools in pipelines can allow build process breaches. While creating agent pools isn't inherently malicious, their infrequent creation makes them notable for Azure DevOps monitoring.
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | AzureDevOpsAuditing |
| ID | 76f626e0-4c78-47d4-aeb6-eaa59f4f2ecb |
| Tactics | DefenseEvasion |
| Techniques | T1578 |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
ADOAuditLogs_CL |
? | ✓ | ? |
AzureDevOpsAuditing |
✓ | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊