Forum Discussion
Log Analytics Agent - data exfiltration threat *.blob.core.windows.net
The public documentation specifies that for Log Analytics to be used, Virtual Machines must be granted outbound access to: *.ods.opinsights.azure.com *.oms.opinsights.azure.com *.blob.core.wind...
chdafni
Microsoft
MicrosoftLaurie_Rhodes Consider Service Endpoint Policies for locking down the storage accounts that can be access on the wire - Create and associate service endpoint policies - Azure portal | Microsoft Docs
Also a new DNS capability to privately connect to Azure Monitor resources exists Use Azure Private Link to securely connect networks to Azure Monitor - Azure Monitor | Microsoft Docs
These 2 capabilities can help remove exfiltration abilities.