Skip to content

Commit 5f1184d

Browse files
rayne-wiselmanrayne-wiselman
committed
fixing last issues
1 parent c13ed54 commit 5f1184d

File tree

3 files changed

+3
-3
lines changed

3 files changed

+3
-3
lines changed

articles/defender-for-cloud/alerts-reference.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -153,7 +153,7 @@ Microsoft Defender for Servers Plan 2 provides unique detections and alerts, in
153153
|**Antimalware unusual file exclusion in your virtual machine**<br>(VM_UnusualAmFileExclusion) | Unusual file exclusion from antimalware extension was detected in your virtual machine by analyzing the Azure Resource Manager operations in your subscription.<br>Attackers might exclude files from the antimalware scan on your virtual machine to prevent detection while running arbitrary code or infecting the machine with malware. | Defense Evasion | Medium |
154154
|**Behavior similar to ransomware detected [seen multiple times]**|Analysis of host data on %{Compromised Host} detected the execution of files that have resemblance of known ransomware that can prevent users from accessing their system or personal files, and demands ransom payment in order to regain access. This behavior was seen [x] times today on the following machines: [Machine names]|-|High|
155155
|**Communication with suspicious domain identified by threat intelligence**<br>(AzureDNS_ThreatIntelSuspectDomain) | Communication with suspicious domain was detected by analyzing DNS transactions from your resource and comparing against known malicious domains identified by threat intelligence feeds. Communication to malicious domains is frequently performed by attackers and could imply that your resource is compromised. | Initial Access, Persistence, Execution, Command And Control, Exploitation | Medium |
156-
|**Container with a miner image detected**<br>(VM_MinerInContainerImage) | Machine logs indicate execution of a Docker container that runs an image associated with a digital currency mining. | Execution | High |
156+
|**Container with a miner image detected**<br>(VM_MinerInContainerImage) | Machine logs indicate execution of a Docker container that run an image associated with a digital currency mining. | Execution | High |
157157
|**Custom script extension with suspicious command in your virtual machine**<br>(VM_CustomScriptExtensionSuspiciousCmd) | Custom script extension with suspicious command was detected in your virtual machine by analyzing the Azure Resource Manager operations in your subscription.<br>Attackers may use custom script extension to execute a malicious code on your virtual machine via the Azure Resource Manager. | Execution | Medium |
158158
|**Custom script extension with suspicious entry-point in your virtual machine**<br>(VM_CustomScriptExtensionSuspiciousEntryPoint) | Custom script extension with a suspicious entry-point was detected in your virtual machine by analyzing the Azure Resource Manager operations in your subscription. The entry-point refers to a suspicious GitHub repository.<br>Attackers may use custom script extensions to execute malicious code on your virtual machines via the Azure Resource Manager. | Execution | Medium |
159159
|**Custom script extension with suspicious payload in your virtual machine**<br>(VM_CustomScriptExtensionSuspiciousPayload) | Custom script extension with a payload from a suspicious GitHub repository was detected in your virtual machine by analyzing the Azure Resource Manager operations in your subscription.<br>Attackers may use custom script extensions to execute malicious code on your virtual machines via the Azure Resource Manager. | Execution | Medium |

articles/defender-for-cloud/recommendations-reference.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ This article lists the recommendations you might see in Microsoft Defender for C
1414
shown in your environment depend on the resources you're protecting and your customized
1515
configuration.
1616

17-
Defender for Cloud recommendations are based on the [Microsoft cloud security benchmark](/security/benchmark/azure/introduction).
17+
Recommendations in Defender for Cloud are based on the [Microsoft cloud security benchmark](/security/benchmark/azure/introduction).
1818
the Microsoft cloud security benchmark is the Microsoft-authored set of guidelines for security
1919
and compliance best practices based on common compliance frameworks. This widely respected benchmark
2020
builds on the controls from the [Center for Internet Security (CIS)](https://www.cisecurity.org/benchmark/azure/)

articles/defender-for-cloud/support-matrix-cloud-environment.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ Runtime visibility of vulnerabilities in container images | Public preview | NA
4747
[Defender for Endpoint integration](./integration-defender-for-endpoint.md) | | GA | GA | NA
4848
[Connect AWS account](./quickstart-onboard-aws.md) | GA | NA | NA
4949
[Connect GCP project](./quickstart-onboard-gcp.md) | GA | NA | NA
50-
**[Defender for Storage](./defender-for-storage-introduction.md)**<br/><br/> Some Defender for Storage alerts are in public preview. | GA | GA | NA
50+
**[Defender for Storage](./defender-for-storage-introduction.md)**<br/><br/> Some alerts in Defender for Storage are in public preview. | GA | GA | NA
5151
**[Defender for SQL servers on machines](./defender-for-sql-introduction.md)** | GA | GA | NA
5252
**[Microsoft Sentinel bi-directional alert synchronization](../sentinel/connect-azure-security-center.md)** | Public preview | NA | NA
5353

0 commit comments

Comments
 (0)