Product
medium
advisory
Azure Storage Account Deletion Detection
2 rules 2 TTPsThis brief detects the deletion of Azure Storage Accounts which can indicate malicious activity like data destruction, denial of service, or covering tracks after data exfiltration by adversaries.
Azure Storage Account
azure
storage
deletion
impact
2r
2t
low
advisory
Azure Storage Account Key Regeneration
2 rules 2 TTPsDetection of Azure Storage Account key regeneration events, which can signify potential credential access or persistence attempts by adversaries aiming to gain unauthorized access or disrupt services.
Azure Storage Account
azure
credential-access
storage-account
2r
2t
medium
advisory
Azure Storage Account Blob Public Access Enabled
2 rules 1 TTPDetection of Azure Storage Account Blob public access being enabled, potentially allowing external access to blob containers for data exfiltration, as abused by threat actors modifying storage account settings.
Azure Storage Account
azure
storage
data_exfiltration
cloud_security
2r
1t