- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Set up the azure integration.
To mitigate the impact of credential exposure or compromise, role assignments should be scoped down to the least level of privilege needed to perform their responsibilities. This rule identifies when a managed identity is assigned a role that has permissions that are more broad than what is regularly used. Datadog considers a permissions gap to be large when the number of unused permissions is greater than 40% of the total permissions count.
By comparing what actions a managed identity has performed in the last 15 days with what their roles permit, we can identify a permissions gap. This gap should be removed to mitigate the impact of a potential compromise.
Datadog recommends reducing the permissions assigned to user to the minimum necessary for them to fulfill their duties. Azure Activity Logs provide a comprehensive view of actual user actions. These actions should be compared with the permissions sets allocated to the user and the permissions adjusted more tightly to accord with actual activity.