SenservaPro
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Senserva |
| Support Tier | Partner |
| Support Link | https://www.senserva.com/contact/ |
| Categories | domains |
| Version | 2.0.2 |
| Author | Senserva - support@senserva.com |
| First Published | 2022-06-01 |
| Solution Folder | SenservaPro |
The SenservaPro solution provides a viewing experience for your SenservaPro scanning logs. View dashboards of your data, use queries to hunt & explore, and create custom alerts.
Underlying Microsoft Technologies used:
This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:
a. Azure Monitor HTTP Data Collector API
Contents
Data Connectors
This solution provides 1 data connector(s):
🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Tables Used
This solution uses 1 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
SenservaPro_CL 🔶 |
SenservaPro (Preview) | Analytics, Hunting, Workbooks |
🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Content Items
This solution includes 33 content item(s):
| Content Type | Count |
|---|---|
| Analytic Rules | 15 |
| Hunting Queries | 15 |
| Workbooks | 3 |
Analytic Rules
Hunting Queries
| Name | Tactics | Tables Used |
|---|---|---|
| Application not using client credentials | Impact | SenservaPro_CL |
| Azure Secure Score Self Service Password Reset | Impact | SenservaPro_CL |
| Azure secure score MFA registration V2 | CredentialAccess | SenservaPro_CL |
| Azure secure score PW age policy new | CredentialAccess | SenservaPro_CL |
| Azure secure score admin MFA V2 | Impact | SenservaPro_CL |
| Azure secure score block legacy authentication | CredentialAccess | SenservaPro_CL |
| Azure secure score integrated apps | Exfiltration | SenservaPro_CL |
| Azure secure score one admin | Impact | SenservaPro_CL |
| Azure secure score role overlap | Impact | SenservaPro_CL |
| Azure secure score sign in risk policy | Impact | SenservaPro_CL |
| Azure secure score user risk policy | Impact | SenservaPro_CL |
| Non-admin guest | InitialAccess | SenservaPro_CL |
| Service principal not using client credentials | InitialAccess | SenservaPro_CL |
| Stale last password change | InitialAccess | SenservaPro_CL |
| UserAccountDisabled | InitialAccess | SenservaPro_CL |
Workbooks
| Name | Tables Used |
|---|---|
| SenservaProAnalyticsWorkbook | SenservaPro_CL |
| SenservaProMultipleWorkspaceWorkbook | SenservaPro_CL |
| SenservaProSecureScoreMultiTenantWorkbook | SenservaPro_CL |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.0 | 11-11-2023 | Modified text as there is rebranding from Azure Active Directory to Microsoft Entra ID. |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊