Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This query identifies A365 AI agents that contain hard-coded credentials in their tools or actions. Storing credentials in clear text within agent logic creates a security risk because these secrets can be exposed to unintended users or attackers. If compromised, credentials could allow unauthorized access to external systems, APIs, or sensitive data. Recommended Action: Avoid embedding credentials directly in Tools or Actions. Use secure alternatives such as Azure Key Vault with environment
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d |
| Tactics | CredentialAccess, InitialAccess |
| Techniques | T1552, T1078 |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/AI%20Agents/A365%20Connector/AIAgentsHardCodedCredentials.yaml) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊