New Alerts in Azure Security Center

As new attacks are discovered and validated, new security alerts will be created in Azure Security Center. This is an ongoing process, which is part of the "Detection Factory", explained below:


Yesterday we updated the Security alerts by type in Azure Security Center article to include the following new virtual machine behavioral analysis type of alerts:

  • Local Administrators group members were enumerated
  • Anomalous mix of upper and lower case characters
  • Suspected Kerberos Golden Ticket attack
  • Suspicious account created
  • Suspicious Firewall rule created
  • Suspicious combination of HTA and PowerShell

Go check it out, and stay safe!


Comments (0)

Skip to main content