Skip to content

Renamed analytic rule from BruteForceCloudPC to BruteForceAgainstEntraAuthenticatedWindowsDevice and updated name and description in Analytic Rule #14162

Merged
v-dvedak merged 1 commit intomasterfrom
V-Utpal/MicrosoftEntraIDBruteForceEntraJoinedWindowsDevices/Issue#14093
Apr 30, 2026
Merged

Renamed analytic rule from BruteForceCloudPC to BruteForceAgainstEntraAuthenticatedWindowsDevice and updated name and description in Analytic Rule #14162
v-dvedak merged 1 commit intomasterfrom
V-Utpal/MicrosoftEntraIDBruteForceEntraJoinedWindowsDevices/Issue#14093

Conversation

@v-utpalkumar
Copy link
Copy Markdown
Contributor

@v-utpalkumar v-utpalkumar commented Apr 29, 2026

Change(s):

  • Renamed analytic rule from BruteForceCloudPC to BruteForceAgainstEntraAuthenticatedWindowsDevice and updated name and description in Analytic Rule to reflect detection scope across all Entra-authenticated Windows devices (including Entra-joined, hybrid-joined, and Windows 365 Cloud PCs), resolving ambiguity around Cloud PC specificity.

Reason for Change(s):

  • Resolving ambiguity around only Cloud PC specificity detection.

Version Updated:

  • Yes

Testing Completed:

  • Yes. Attached the screenshots below.

Checked that the validations are passing and have addressed any issues that are present:

  • Yes
image image image image image image

@v-utpalkumar v-utpalkumar requested review from a team as code owners April 29, 2026 11:26
@contentautomationbot
Copy link
Copy Markdown

contentautomationbot Bot commented Apr 29, 2026

Hello how are you I am GitHub bot
😀😀
I see that you changed templates under the detections/analytic rules folder. Did you remember to update the version of the templates you changed?
If not, and if you want customers to be aware that a new version of this template is available, please update the version property of the template you changed.

@v-utpalkumar v-utpalkumar linked an issue Apr 29, 2026 that may be closed by this pull request
Brute force attack against a Cloud PC will trigger on non-Cloud PCs #14093
Closed
rahul0216
rahul0216 approved these changes Apr 30, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@rahul0216 rahul0216 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes looks good.

@v-dvedak v-dvedak merged commit c8fb6b3 into master Apr 30, 2026
36 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rahul0216 rahul0216 rahul0216 approved these changes

@v-dvedak v-dvedak v-dvedak approved these changes

@v-shukore v-shukore v-shukore approved these changes

Assignees

@v-shukore v-shukore

Labels

Content-Package

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Brute force attack against a Cloud PC will trigger on non-Cloud PCs

4 participants

@v-utpalkumar @rahul0216 @v-dvedak @v-shukore