cd
Toggle Menu
whoami
detection
blog
tags
Detections tagged with
Misconfiguration
Jan 3, 2025
2025-01-03: Azure Activity - Public Access Enabled on Storage Account
#KQL
#Sentinel
#Azure Storage Account
#Misconfiguration
#T1562.007
#T1530
Jan 7, 2025
Azure Key Vault - Vault Access Configuration Modified
#KQL
#Sentinel
#Azure Key Vault
#Misconfiguration
#T1555.006
#T1556
Jan 14, 2025
AWS CloudTrail - Console Login Without MFA
#KQL
#Sentinel
#AWS CloudTrail
#Misconfiguration
#T1078.004
Jan 19, 2025
Azure Key Vault - User Adds Themselves to a Vault Access Policy
#KQL
#Sentinel
#Azure Key Vault
#Misconfiguration
#T1555.006
#T1556
Jan 20, 2025
MDE - MDE Exclusion Added or Modified
#KQL
#Sentinel
#MDE
#Misconfiguration
#T1562.001