You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: exposure-management/predefined-classification-rules-and-levels.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ author: dlanger
6
6
manager: ornat-spodek
7
7
ms.topic: reference
8
8
ms.service: exposure-management
9
-
ms.date: 06/16/2025
9
+
ms.date: 09/30/2025
10
10
---
11
11
12
12
# Predefined classifications - Microsoft Security Research
@@ -50,9 +50,9 @@ Current asset types are:
50
50
| VMware vCenter | Device | High | The VMware vCenter Server is crucial for managing virtual environments. It provides centralized management of virtual machines and ESXi hosts. If it fails, it could disrupt the administration and control of your virtual infrastructure, including provisioning, migration, load balancing of virtual machines, and data center automation. However, as there are often redundant vCenter Servers and High Availability configurations, the immediate halt of all operations might not occur. Its failure could still cause significant inconvenience and potential performance issues. |
51
51
| Hyper-V Server | Device | High | The Hyper-V hypervisor is essential for running and managing virtual machines within your infrastructure, serving as the core platform for their creation and management. If the Hyper-V host fails, it can lead to the unavailability of hosted virtual machines, potentially causing downtime and disrupting business operations. Moreover, it can result in significant performance degradation and operational challenges. Ensuring the reliability and stability of Hyper-V hosts is therefore critical for maintaining seamless operations in a virtual environment. |
52
52
| SharePoint Server | Device | Medium | The SharePoint server is responsible for secure content management, collaboration, and document sharing across teams. It hosts intranet portals and enterprise search within an organization. Compromise could lead to unauthorized access to sensitive information and disruption of content services. |
53
-
| Devices with Sensitive Information (Azure Document DB Auth Key) | Device | High | Devices that have interacted with Azure Document DB Auth Key sensitive information as detected by Microsoft Purview Endpoint Data Loss Prevention. These devices are automatically elevated to high criticality when accessing sensitive content and revert to baseline classification after 5 days of inactivity.|
54
-
| Devices with Sensitive Information (Azure Redis Cache Connection String) | Device | High | Devices that have interacted with Azure Redis Cache Connection String sensitive information as detected by Microsoft Purview Endpoint Data Loss Prevention. These devices are automatically elevated to high criticality when accessing sensitive content and revert to baseline classification after 5 days of inactivity. |
55
-
| Devices with Sensitive Information (Azure Storage Account Key) | Device | High | Devices that have interacted with Azure Storage Account Key sensitive information as detected by Microsoft Purview Endpoint Data Loss Prevention. These devices are automatically elevated to high criticality when accessing sensitive content and revert to baseline classification after 5 days of inactivity. |
53
+
| Devices with Sensitive Information (Azure Document DB Auth Key) | Device | High | Devices that have accessed documents containing Azure Document DB Auth Keys, which are identified as sensitive data. These devices are automatically classified as High criticality when interacting with sensitive content and revert to their baseline classification after 5 consecutive days without accessing the sensitive file. Learn more [here](/purview/sit-sensitive-information-type-learn-about)|
54
+
| Devices with Sensitive Information (Azure Redis Cache Connection String) | Device | High | Devices that have accessed documents containing Azure Redis Cache Connection Strings, which are identified as sensitive data. These devices are automatically classified as High criticality when interacting with sensitive content and revert to their baseline classification after 5 consecutive days without accessing the sensitive file. Learm more [here](/purview/sit-defn-azure-redis-cache-connection-string).|
55
+
| Devices with Sensitive Information (Azure Storage Account Key) | Device | High | Devices that have accessed documents containing Azure Storage Account Keys, which are identified as sensitive data. These devices are automatically classified as High criticality when interacting with sensitive content and revert to their baseline classification after 5 consecutive days without accessing the sensitive file. Learn more [here](/purview/sit-defn-azure-storage-account-key).|
0 commit comments