Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This query searches for any files in Cloud App Events that have trigger a security alert.
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | a1adce9c-5945-4a20-984e-d95b6071a791 |
| Severity | Medium |
| Kind | Scheduled |
| Tactics | Collection |
| Techniques | T1074 |
| Required Connectors | MicrosoftThreatProtection, MicrosoftCloudAppSecurity |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/MultipleDataSources/SuspiciousActivitiesRelatedToConfidentialDocuments.yaml) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊