Threat protection in Azure Security Center


ASC Simulations


Integrated threat intelligence
Outbound communication to a malicious IP address
Digital Crimes Unit
3rd Party Lists
Cloud Service Provider sharing
Microsoft Security Response Center
Behavioral analytics
Suspicious process execution
Hidden malware and exploitation attempts
Lateral movement and internal reconnaissance
Malicious PowerShell Scripts
Outgoing attacks
Anomaly detection
Inbound RDP/SSH Brute force attacks

PreAttack
InitialAccess
Persistence
PrivilegeEscalation
DefensiveEvasion
CredentialAccess
Discovery
LateralMovement
Execution
Collection
Exfiltration
CommandAndControl
Impact

Azure Kubernetes Service
exposed K8s dashboards
creation of high privileged roles
creation of sensitive mounts
Host level
web shell detection
Suspicious Logins
Privileged container creation
SSH Server hosted in container
suspicious access to API
Exposed Docker API \ Services
Azure Container Registry images
Vulnerability management

SQL Database PaaS\IaaS\On-Prem
SQL Injection
Suspicious Logins
SQL Brute Force
High priv SQL commands
Unusual Export location
Azure Storage
Azure Cosmos Database
Azure Network Layer
Azure KeyVault
Azure Resource Manager Management APIs
Azure App Service

AuditD
crypto mining campaign
bash scripts
password spray
Fileless Attack

Crash dump analysis
Shell code discovered
Code injection discovered
Masquerading Windows Module Detected
Fileless attack
memory process contains attack toolkit
shell code
Microsoft Defender ATP
PowerShell scripts
Fileless malware
Credential dumping
Event ID 4688 A new process has been created
SQL Brute Force
Crypto mining attack