Cloud Security Monitoring

XeneX is technology agnostic, integrating with major cloud solutions including Microsoft Azure, AWS and Google. Custom data sources can be added easily and quickly.

Microsoft Azure

• Azure Portal and its services, including comprehensive platform logs from Azure services, performance data from virtual machines, and usage and performance data from the applications.

• Azure Active Directory (Azure AD) activity to discover how the Azure AD services are accessed and used.

AWS

• Infrastructure: Log data collection, File integrity monitoring, Anomaly and malware detection, Security policy monitoring, System inventory, Vulnerability detection.

• aws-s3 security monitoring capabilities.

Google Cloud

• The Pub/Sub integration module. XeneX can use the Google Cloud Pub/Sub messaging and ingestion service. It is widely used for event-driven systems and streaming analytics. It allows sending and receiving messages between applications. XeneX uses it to fetch different kinds of events (Data access, Admin activity, System events, DNS queries, etc.) from the Google Cloud infrastructure. Once events are collected, XeneX processes them using its threat detection rules.

• The Storage integration module. XeneX can process logs stored in a Google Cloud Storage bucket using the gcp-buckets module, a highly configurable module that collects any log stored in the bucket and processes the events using the defined threat detection rules and decoders.

XeneX provides comprehensive support for popular cloud platforms including Azure, AWS and Google. XeneX’s platform integration with public clouds sends events to the XeneX manager for analysis, which classifies them within a range of alerts that can be easily viewed. With several security dashboards covering platforms, users and activities, and the ability to identify anomalous user behavior or activities in the cloud platforms, XeneX can prevent breaches before they happen. XeneX provides autonomous response to quickly isolate and eliminate potential attacks.