Exploit Public-Facing Application (Azure)

Description

Adversaries may leverage external-facing remote services to initially access and/or persist within a network. Remote services such as VPNs, Citrix, and other access mechanisms allow users to connect to internal enterprise network resources from external locations. There are often remote service gateways that manage connections and credential authentication for these services. Services such as Windows Remote Management and VNC can also be used externally.

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Vulnerability ManagementCloud instanceRead-onlyAnyVulnerabilities
Tenable Cloud SecurityCloud instanceRead-onlyAnyInternet Expose

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Initial Access, Persistence

Platform: Entra ID

Tenable Release Date: 2024 Q1