Cloud Service Threat Protection Essentials
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Microsoft Corporation |
| Support Tier | Microsoft |
| Support Link | https://support.microsoft.com |
| Categories | domains |
| Version | 3.0.0 |
| Author | Microsoft - support@microsoft.com |
| First Published | 2022-11-16 |
| Solution Folder | Cloud Service Threat Protection Essentials |
| Marketplace | Azure Marketplace · Popularity: ⚪ Very Low (0%) |
| Pre-requisites | Microsoft 365, Azure Activity, Azure Key Vault |
As cloud services increase in popularity, the volume of attacks against them is also increasing. Broad visibility, context and timely detection of these attacks are important for organization as they move more workloads to the cloud. The Cloud Service Threat Protection Essentials contains security content that is relevant for detection of attacks against various cloud services like key vault, storage, compute etc.
For details on the required solutions, see the Pre-requisites section below.
Keywords: Storage, Key Vault, Compute, Office, Mail tampering, Azure, resources
Contents
Pre-requisites
This solution depends on 3 other solution(s):
| Solution |
|---|
| Azure Activity |
| Azure Key Vault |
| Microsoft 365 |
Data Connectors
This solution does not include its own data connectors but uses connectors from dependency solutions:
- Azure Activity (dependency on Azure Activity)
- Azure Key Vault (dependency on Azure Key Vault)
- Microsoft 365 (formerly, Office 365) (dependency on Microsoft 365)
Tables Used
This solution queries 3 table(s) from its content items:
| Table | Used By Content |
|---|---|
AzureActivity |
Hunting |
AzureDiagnostics |
Hunting |
AzureNetworkAnalytics_CL |
Hunting |
Content Items
This solution includes 2 content item(s):
| Content Type | Count |
|---|---|
| Hunting Queries | 2 |
Hunting Queries
| Name | Tactics | Tables Used |
|---|---|---|
| Azure Key Vault Access Policy Manipulation | CredentialAccess | AzureDiagnostics |
| Azure Resources Assigned Public IP Addresses | Impact | AzureActivityAzureNetworkAnalytics_CL |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.0 | 09-02-2024 | Tagged for dependent solutions for deployment |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊