Commit 3f2a646

Merge pull request #100463 from memildin/melvyn-asc-alerts_ref
Added two DDoS alerts
2 parents 4f0dea6 + 81bf21d commit 3f2a646

1 file changed

+2
-0
lines changed

articles/security-center/alerts-reference.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -123,6 +123,8 @@ Below the alerts table is a table describing the Azure Security Center kill chai
123123
|**High volume of operations in a Key Vault**|A larger volume of Key Vault operations has been performed compared with historical data. Key Vault activity is typically the same over time. This may be a legitimate change in activity. Alternatively, your infrastructure might be compromised and further investigations are necessary.|-|
124124
|**User accessed high volume of Key Vaults**|The number of vaults that a user or application accesses has changed compared with historical data. Key Vault activity is typically the same over time. This may be a legitimate change in activity. Alternatively, your infrastructure might be compromised and further investigations are necessary.|-|
125125
||<a name="alerts-azureddos"></a><h3>Azure DDoS Protection</h3> [Further details and notes](security-center-alerts-integration.md#azure-ddos)||
126+
|**DDoS Attack detected for Public IP**|DDoS Attack detected for Public IP (IP address) and being mitigated|Probing|
127+
|**DDoS Attack mitigated for Public IP**|DDoS Attack mitigated for Public IP (IP address)|Probing|
126128
|**Volumetric attack detected**|This attack's goal is to flood the network layer with a substantial amount of seemingly legitimate traffic. It includes UDP floods, amplification floods, and other spoofed-packet floods. DDoS Protection Standard mitigates these potential multi-gigabyte attacks by absorbing and scrubbing them, with global network scale, automatically.|-|
127129
|**Protocol attack detected**|These attacks render a target inaccessible, by exploiting a weakness in the layer 3 and layer 4 protocol stacks. It includes SYN flood attacks, reflection attacks, and other protocol attacks. DDoS Protection Standard mitigates these attacks, differentiating between malicious and legitimate traffic, by interacting with the client, and blocking malicious traffic.|-|
128130
|**Resource (application) layer attack detected**|These attacks target web application packets, to disrupt the transmission of data between hosts. The attacks include HTTP protocol violations, SQL injection, cross-site scripting, and other layer 7 attacks. Use the Azure Application Gateway WAF, with DDoS Protection Standard, to defend against these attacks. There are also third-party WAF offerings available in Azure Marketplace.|-|
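
Review bot: The two added rows (new lines 126 and 127) set the third column to "Probing", while the three existing Azure DDoS Protection rows below them carry "-"; please check that value against the kill chain table the hunk header refers to, since an attack that is already being mitigated or has been mitigated reads as an availability event rather than reconnaissance. The descriptions also only restate the alert titles ("DDoS Attack mitigated for Public IP (IP address)"), unlike the neighbouring rows, which say what the attack does and what to do about it. Consider adding one sentence per row on what the operator should check, and mark "(IP address)" as a placeholder so it is not read as literal alert text. Minor style points: "Attack" is capitalized mid-sentence here but lower-case in "Volumetric attack detected", and the new descriptions have no closing period.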
