T1530

April 3, 2026

Netskope Secure Web Gateway Solution: New Detection Coverage for Cloud Application Visibility

New Netskope solution adds 10 detections for web transaction monitoring including impossible travel, excessive downloads, shadow IT detection, and data exfiltration patterns. Read More →

October 9, 2025

AWS and VMware ESXi: Three New Analytic Rules for Execution, Exfiltration, and Lateral Movement

Three new Analytic Rules added across AWS CloudTrail and VMware ESXi — detecting EC2 startup script tampering (T1059), anonymous S3 object exfiltration (T1530), and SSH enablement on ESXi hosts (T1021). Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.