[Workshop Alert] Mastering Observability with OpenTelemetry Fundamentals - Register Now!

Start Free Trial Get a Demo
Start Free Trial Request Demo

Quick Start Security for Azure Disk

Azure Disk
Azure Disk icon

Coralogix Extension For Azure Disk Includes:

Alerts - 4

Stay on top of Azure Disk key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Azure disk export URI created

Triggers upon successful export of an Azure disk and generating URLs that are accessible publically through their URI. Impact An attacker can exfiltrate data by downloading an Azure Compute VM's disk as a VHD file via the export URL. Mitigation Confirm the validity of exporting the disk and initiate an investigation if the activity is suspicoius. Mitre tactic : TA0009 Mitre technique : T1074

Encrypt OS Using Customer Managed Keys

The "Encrypt OS and Data Disks Using Customer Managed Keys Audit" use case involves the establishment of an audit log to track and record activities related to the encryption of operating system (OS) and data disks within a system or infrastructure. This use case focuses on monitoring and auditing the implementation of disk encryption using customer-managed keys, ensuring the security and compliance of sensitive data. Impact Encrypting operating system (OS) and data disks using customer-managed keys can have various impacts on an organization's security, compliance, and operational aspects - Data Security Enhancement Compliance Adherence Data Confidentiality Mitigation Validate that the Encryption operation of data disk as if it was authorized and intended, revert and further investigate if not. MITRE Tactic: TA0005 MITRE Technique: T1578

Disk Deletion for Resource

In Microsoft Azure, the deletion of a disk is a critical operation that involves removing a disk resource from the Azure environment. The Azure disk deletion operation impacts the management of storage resources and can have various implications for virtual machines (VMs) and associated data Impact An attacker can delete a disk to harm the organization or to cover his tracks. Mitigation Validate that the deletion operation was authorized and intended, revert and further investigate if not. MITRE Tactic: TA0005 MITRE Technique: T1578

Disk Create/Modify for Resources

In Microsoft Azure, the create/Modify of a disk is a critical operation that involves adding a disk resource from the Azure environment. The Azure disk creation operation impacts the management of storage resources and can have various implications for virtual machines (VMs) and associated data Impact An attacker can Modify a disk to harm the organization or to cover his tracks. Mitigation Validate that the create/Modify operation was authorized and intended, revert and further investigate if not. MITRE Tactic: TA0005 MITRE Technique: T1578

Integration

Learn more about Coralogix's out-of-the-box integration with Azure Disk in our documentation.

Read More
Schedule Demo

300+ Integrations

View More
Akamai
Akamai
JIRA
JIRA
Logstash
Logstash
Prometheus
Prometheus
Fluent Bit
Fluent Bit
Kubernetes
Kubernetes
Amazon CloudWatch
Amazon CloudWatch
GCP Log Explorer
GCP Log Explorer
CircleCI
CircleCI
Slack
Slack
PagerDuty
PagerDuty
Jenkins
Jenkins
OTel
OTel
CrowdStrike Falcon
CrowdStrike Falcon
Teams
Teams
AWS Lambda
AWS Lambda
GitHub
GitHub
Azure
Azure
Cortex XSOAR
Cortex XSOAR
AWS S3
AWS S3