Log Analytics

Security of Cloud Tools

So I have been heavily involved with the security of our Managed Service Cloud infrastructure and have been using Microsoft OMS (Log Analytics) very proactively to scan our networks for potential vulnerabilities. One vulnerability that was picked up in the Security and Audit section was on a third-party box we have in our network which hosts some Office 365 integration. In OMS Threat Intelligence this server was shown to be hosting a suspicious outbound connection, which is visualised as a red upturned arrow, which, if you know OMS, is not good and requires immediate attention (see example below)… On investigation of the box and outbound IP address we discovered that it was actually an instance of the remote control tool TeamViewer which when accessed remotely by the third-party actuall...
