Detections
Analytics
Exploit Public-Facing Application (Azure)
Description
Adversaries may leverage external-facing remote services to initially access and/or persist within a network. Remote services such as VPNs, Citrix, and other access mechanisms allow users to connect to internal enterprise network resources from external locations. There are often remote service gateways that manage connections and credential authentication for these services. Services such as Windows Remote Management and VNC can also be used externally.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Cloud instance | Read-only | Any | Vulnerabilities | ||
| Tenable Cloud Security | Cloud instance | Read-only | Any | Internet Expose |
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Initial Access, Persistence
Technique: Exploit Public-Facing Application
Platform: Entra ID
Products Required: Tenable Vulnerability Management and Tenable Cloud Security
Tenable Release Date: 2024 Q1