Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for Azure Disk

Azure Disk
Azure Disk icon

Out-of-the-Box Security For Azure Disk Includes:

Alerts - 4

Stay on top of Azure Disk key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Azure disk export URI created

Triggers upon successful export of an Azure disk and generating URLs that are accessible publically through their URI. Impact An attacker can exfiltrate data by downloading an Azure Compute VM's disk as a VHD file via the export URL. Mitigation Confirm the validity of exporting the disk and initiate an investigation if the activity is suspicoius. Mitre tactic : TA0009 Mitre technique : T1074

Encrypt OS Using Customer Managed Keys

The "Encrypt OS and Data Disks Using Customer Managed Keys Audit" use case involves the establishment of an audit log to track and record activities related to the encryption of operating system (OS) and data disks within a system or infrastructure. This use case focuses on monitoring and auditing the implementation of disk encryption using customer-managed keys, ensuring the security and compliance of sensitive data. Impact Encrypting operating system (OS) and data disks using customer-managed keys can have various impacts on an organization's security, compliance, and operational aspects - Data Security Enhancement Compliance Adherence Data Confidentiality Mitigation Validate that the Encryption operation of data disk as if it was authorized and intended, revert and further investigate if not. MITRE Tactic: TA0005 MITRE Technique: T1578

Disk Deletion for Resource

In Microsoft Azure, the deletion of a disk is a critical operation that involves removing a disk resource from the Azure environment. The Azure disk deletion operation impacts the management of storage resources and can have various implications for virtual machines (VMs) and associated data Impact An attacker can delete a disk to harm the organization or to cover his tracks. Mitigation Validate that the deletion operation was authorized and intended, revert and further investigate if not. MITRE Tactic: TA0005 MITRE Technique: T1578

Disk Create/Modify for Resources

In Microsoft Azure, the create/Modify of a disk is a critical operation that involves adding a disk resource from the Azure environment. The Azure disk creation operation impacts the management of storage resources and can have various implications for virtual machines (VMs) and associated data Impact An attacker can Modify a disk to harm the organization or to cover his tracks. Mitigation Validate that the create/Modify operation was authorized and intended, revert and further investigate if not. MITRE Tactic: TA0005 MITRE Technique: T1578

Documentation

Learn more about Coralogix's out-of-the-box integration with Azure Disk in our documentation.

Read More
Schedule Demo