Forum Discussion
JasonCohen1892
Mar 25, 2021Microsoft
New Blog Post | Web Shell Threat Hunting with Azure Sentinel
Web Shell Threat Hunting with Azure Sentinel - Microsoft Tech Community
In this blog post we will provide Microsoft Azure Sentinel customers with hunting queries to investigate possible on-premises Exchange Server exploitation and identify additional attacker IOCs (Indicators of compromise) such as IP address and User Agent. These hunting techniques can also be applied to web shell techniques targeting other web applications.
No RepliesBe the first to reply