Forum Discussion
Azure Defender for App Services
Hello Team,
Does we have any guide how to trigger Azure Defender for App Services alerts? I am trying my own but I was not able to.
StanislavBelov
Microsoft
MicrosoftHi RonaldoCosta
if your purpose is to just generate some activity and trigger alerts, you may consider using the sample alerts Alert validation in Azure Security Center | Microsoft Docs
Hello Stanislav. I want to generate real alerts. Customer want to trigger for example : "PHP file in upload folder" or "Suspicious PHP execution detected". https://docs.microsoft.com/en-us/azure/security-center/alerts-reference
- StanislavBelovUnfortunately we currently don't have a ready to use guidance how to test AzDefender for App Services but we have just started a new blog series 'Azure Defender PoC' where we are going to cover all Defender plans in details: https://techcommunity.microsoft.com/t5/azure-security-center/azure-defender-poc-series-azure-defender-for-resource-manager/ba-p/2539915
Stay tuned. - Hello RonaldoCosta,
Outside of the sample, as pointed out by Stanislav, 'real' alerts will need to be triggered manually. Otherwise they would not be 'real'. So you can simply upload a PHP file to the upload folder and try to access it using a browser which should trigger the first alert (PHP file in upload folder).
For the second alert, Suspicious PHP execution detected, you need a PHP script running which would do OS commands such as exec("touch maliciousfile.exe"); for instance.