Firewall and virtual networks configuration changes
Info
ID: MS-T813
Tactic: Defense Evasion
Persistence
MITRE technique: T1562.007
Attackers may disable firewall protection or set additional firewall rules to masquerade their access channel. Azure Storage offers a set of built-in network access features. Administrators can leverage these capabilities to restrict access to storage resources. Restriction rules can operate at the IP level or VNet IDs. When network rules are configured, only requests originated from authorized subnets will be served.