It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Domain Fraud Protection

Network Security

Support Services

Barracuda XDR

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Domain Fraud Protection

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Simulating Microsoft Azure Threats

Last updated on 2023-11-21 13:21:16

The use case for test is disabling Azure multi-factor authentication (MFA) for an Azure user.

Barracuda XDR Azure Security Monitoring is a managed, cloud-native security product that detects ransomware, credential dumping, connections to malicious IP addresses, and other breaches. The Azure product catches threats and malware by identifying known threat signatures and using AI/machine learning. This activity identifies when multi-factor authentication is disabled for an Azure user account. An adversary may disable MFA for a user account in order to weaken the authentication requirements for the account.

Test Workflow

Azure 1.png

How to Test

Prerequisite

To do this test, you need a user that has MFA enabled.

Sign into the Azure portal as an administrator.
Search for and select Azure Active Directory, then select Users > All users.
Scroll right and select Multi-Factor Authentication.

A new page opens, displaying users and their MFA status, as shown below.
Select the box next to the name of the user(s) whose MFA you want to disable.
Click Disable.
In the pop-up window, confirm your selection.

An Azure Multi-Factor Authentication Disabled for an Azure User alarm triggers to the Barracuda XDR SOC.

Simulating Other Threats

You can simulate the following threats:

You can also view Threat Simulation videos. See Threat Simulation Videos.

Previous Article Next Article