VIEW RULE IN DATADOG VIEW MISCONFIGURATIONS

Description

Storage account containers containing activity log exports should not be publicly accessible. Allowing public access to activity log content may help an adversary identify weaknesses in the affected account’s usage or configuration.

Remediation

From the console

1. Search for Storage Accounts in the Azure Portal.
2. Click on the storage account name.
3. Click Configuration under Settings.
4. Select Enabled under Allow Blob public access.
5. Click Containers under Data Storage on the side panel.
6. Select the insights-activity-logs container.
7. Click Change access level and set it to Private (no anonymous access), then click OK.