Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Resource access activity

Steel Contributor

Where can we find more info on the following activities logged by Azure ATP? What is the difference between those two:


Resource accessdevice xxxx, property xxxx/xxxx

Resource access: property Spns xxx/xxxx, user xxxx


What could cause a lot of these activities by one user? Can this indicate kerberoasting?

0 Replies