Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This hunting query will detect instances where a balanced boolean query, e.g. "true=true", is observed in an SQL query sent to the server. Balanced boolean queries are commonly used by attackers to test of SQL injections vulnerabilities
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | Azure SQL Database solution for sentinel |
| ID | 4cda0673-37f9-4765-af1f-556de2295cd7 |
| Tactics | InitialAccess |
| Techniques | T1190 |
| Required Connectors | AzureSql |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AzureDiagnostics 🔶 |
Category == "SQLSecurityAuditEvents" |
? | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Hunting Queries · Back to Azure SQL Database solution for sentinel