You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/attack-path-reference.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -25,8 +25,8 @@ Prerequisite: For a list of prerequisites, see the [Availability table](how-to-m
25
25
| Internet exposed VM has high severity vulnerabilities | A virtual machine is reachable from the internet and has high severity vulnerabilities |
26
26
| Internet exposed VM has high severity vulnerabilities and high permission to a subscription | A virtual machine is reachable from the internet, has high severity vulnerabilities an identity with permission to a subscription |
27
27
| Internet exposed VM has high severity vulnerabilities and read permission to a data store with sensitive data | A virtual machine is reachable from the internet, has high severity vulnerabilities with read permission to a data store containing sensitive data. For more details, you can learn how to [prioritize security actions by data sensitivity](./information-protection.md). |
28
-
| Internet exposed VM has high severity vulnerabilities and read permission to a data store | A virtual machine is reachable from the internet, has high severity vulnerabilities with read permission to a data store. |
29
-
| Internet exposed VM has high severity vulnerabilities and read permission to a Key Vault | A virtual machine is reachable from the internet, has high severity vulnerabilities with read permission to a key vault |
28
+
| Internet exposed VM has high severity vulnerabilities and read permission to a data store | A virtual machine is reachable from the internet and has high severity vulnerabilities with read permission to a data store. |
29
+
| Internet exposed VM has high severity vulnerabilities and read permission to a Key Vault | A virtual machine is reachable from the internet and has high severity vulnerabilities with read permission to a key vault |
30
30
| VM has high severity vulnerabilities and high permission to a subscription | A virtual machine has high severity vulnerabilities and has high permission to a subscription |
31
31
| VM has high severity vulnerabilities and read permission to a data store with sensitive data | A virtual machine has high severity vulnerabilities with read permission to a data store containing sensitive data. For more details, you can learn how to [prioritize security actions by data sensitivity](./information-protection.md). |
32
32
| VM has high severity vulnerabilities and read permission to a key vault | A virtual machine has high severity vulnerabilities with read permission to a key vault |
@@ -79,16 +79,16 @@ Prerequisite: [Enable Defender for Containers](defender-for-containers-enable.md
79
79
80
80
## Cloud security graph components list
81
81
82
-
This section lists all of the cloud security graph components (connections & insights) that can be used in queries with the [cloud security explorer](concept-attack-path.md).
82
+
This section lists all of the cloud security graph components (connections and insights) that can be used in queries with the [cloud security explorer](concept-attack-path.md).
83
83
84
84
### Insights
85
85
86
86
| Insight | Description | Supported entities |
87
87
|--|--|--|
88
88
| Exposed to the internet | Indicates that a resource is exposed to the internet. Supports port filtering | Azure virtual machine, AWS EC2, Azure storage account, Azure SQL server, Azure Cosmos DB, AWS S3, Kubernetes pod |
89
89
| Contains sensitive data | Indicates that a resource contains sensitive data based on Microsoft Purview scan and applicable only if Microsoft Purview is enabled. For more details, you can learn how to [prioritize security actions by data sensitivity](./information-protection.md). | Azure SQL Server, Azure Storage Account, AWS S3 bucket |
90
-
| Has tags |List the resource tags of the cloud resource | All Azure and AWS resources |
91
-
| Installed software |List all software installed on the machine. This is applicable only for VMs that have Threat and vulnerability management integration with Defender for Cloud enabled and are connected to Defender for Cloud. | Azure virtual machine, AWS EC2 |
90
+
| Has tags |Lists the resource tags of the cloud resource | All Azure and AWS resources |
91
+
| Installed software |Lists all software installed on the machine. This is applicable only for VMs that have threat and vulnerability management integration with Defender for Cloud enabled and are connected to Defender for Cloud. | Azure virtual machine, AWS EC2 |
92
92
| Allows public access | Indicates that a public read access is allowed to the data store with no authorization required | Azure storage account, AWS S3 bucket |
93
93
| Doesn't have MFA enabled | Indicates that the user account does not have a multi-factor authentication solution enabled | AAD User account, IAM user |
94
94
| Is external user | Indicates that the user account is outside the organization's domain | AAD User account |
@@ -101,8 +101,8 @@ This section lists all of the cloud security graph components (connections & in
101
101
| Uses host network | Indicates that a Kubernetes pod uses the network namespace of its host machine | Kubernetes pod |
102
102
| Has high severity vulnerabilities | Indicates that a resource has high severity vulnerabilities | Azure VM, AWS EC2, Kubernetes image |
103
103
| Vulnerable to remote code execution | Indicates that a resource has vulnerabilities allowing remote code execution | Azure VM, AWS EC2, Kubernetes image |
104
-
| Public IP metadata |List the metadata of an Public IP | Public IP |
105
-
| Identity metadata |List the metadata of an identity | AAD Identity |
104
+
| Public IP metadata |Lists the metadata of an Public IP | Public IP |
105
+
| Identity metadata |Lists the metadata of an identity | AAD Identity |
0 commit comments