Bias Analysis
Detected Bias Types
windows_tools
powershell_heavy
windows_first
missing_linux_example
Summary
The documentation page exhibits a Windows bias: it references Windows-specific tools and telemetry (PowerShell, Windows error and warning events, Windows malware and ransomware examples), and its worked examples are all set in Windows environments. PowerShell is cited repeatedly as an attack vector, and Windows alerts are used in the ransomware-detection scenarios. There is no mention of Linux-specific tools, attack patterns, logs, or commands, and no Linux equivalent is given for any of the examples.
Recommendations
- Include Linux-specific attack scenarios and detection examples, such as suspicious Bash commands, Linux malware, or SSH brute-force attempts.
- Reference Linux system logs (e.g., /var/log/auth.log, /var/log/syslog) in detection tables and examples alongside Windows Event logs.
- Provide parity in examples by showing how multistage attacks might be detected on Linux endpoints (e.g., suspicious sudo activity, cron job modifications, or use of Linux-native credential theft tools).
- Mention Linux data connectors and ensure that analytics rules and entity mapping examples include Linux signals.
- Balance references to PowerShell with equivalent Linux shell (Bash, sh) or scripting activity in attack detection scenarios.
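The kind of Linux-side example the recommendations above ask for, written here as an added illustration rather than taken from the page under review: detection logic for an SSH brute-force attempt run over a constructed /var/log/auth.log excerpt (the host, account names and addresses are fictional), with the alert carrying the fields an analytics rule would map to IP, Host and Account entities. The five-failures-in-five-minutes threshold and the "escalate if a login succeeds right after the failures" rule are assumptions chosen for the example, not values from the page.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed /var/log/auth.log excerpt (syslog format, no year) built for this example;
# the host, users and addresses are fictional.
SAMPLE_AUTH_LOG = """\
Mar 12 10:01:01 web01 sshd[2231]: Failed password for root from 203.0.113.7 port 51022 ssh2
Mar 12 10:01:03 web01 sshd[2233]: Failed password for invalid user admin from 203.0.113.7 port 51030 ssh2
Mar 12 10:01:04 web01 sshd[2235]: Failed password for invalid user oracle from 203.0.113.7 port 51041 ssh2
Mar 12 10:01:06 web01 sshd[2237]: Failed password for root from 203.0.113.7 port 51055 ssh2
Mar 12 10:01:09 web01 sshd[2239]: Failed password for root from 203.0.113.7 port 51060 ssh2
Mar 12 10:01:12 web01 sshd[2241]: Accepted password for root from 203.0.113.7 port 51071 ssh2
Mar 12 10:05:40 web01 sshd[2300]: Failed password for alice from 198.51.100.20 port 40001 ssh2
Mar 12 10:05:55 web01 sshd[2302]: Accepted publickey for alice from 198.51.100.20 port 40002 ssh2
Mar 12 10:09:00 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
"""

# Matches the sshd "Failed/Accepted <method> for [invalid user] <user> from <ip> port <n>" lines.
SSHD_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def parse_sshd_events(log_text):
    """Extract sshd login outcomes from auth.log text, keeping file order."""
    events = []
    for line in log_text.splitlines():
        m = SSHD_RE.match(line)
        if not m:
            continue  # sudo, cron, PAM and other non-sshd lines are not handled here
        events.append({
            # syslog stamps carry no year; strptime defaults to 1900, which is fine for deltas
            "time": datetime.strptime(m["ts"], "%b %d %H:%M:%S"),
            "host": m["host"],
            "result": m["result"],
            "user": m["user"],
            "ip": m["ip"],
        })
    return events


def detect_ssh_brute_force(log_text, threshold=5, window_seconds=300):
    """Alert on source IPs with >= threshold failed sshd logins inside a sliding window.

    Returns a dict keyed by source IP. Each alert carries the fields an analytics
    rule would map to entities (ip -> IP, host -> Host, accounts -> Account) and is
    escalated to High if the same IP authenticates successfully within the window
    after crossing the threshold (assumed escalation rule for this example).
    """
    window = timedelta(seconds=window_seconds)
    recent_failures = defaultdict(list)   # ip -> timestamps of failures still in window
    targeted_accounts = defaultdict(set)  # ip -> accounts tried from that ip
    alerts = {}

    for ev in parse_sshd_events(log_text):
        ip, now = ev["ip"], ev["time"]
        if ev["result"] == "Failed":
            targeted_accounts[ip].add(ev["user"])
            fails = recent_failures[ip]
            fails.append(now)
            while fails and now - fails[0] > window:   # expire failures outside the window
                fails.pop(0)
            if len(fails) >= threshold:
                alert = alerts.setdefault(ip, {
                    "ip": ip, "host": ev["host"], "severity": "Medium",
                    "success_after_failures": None,
                })
                alert["failed_attempts"] = len(fails)
                alert["accounts"] = sorted(targeted_accounts[ip])
        elif ip in alerts and recent_failures[ip] and now - recent_failures[ip][-1] <= window:
            # A success from an IP that just crossed the failure threshold looks like a
            # guessed password rather than a legitimate user's typo: raise severity.
            alerts[ip]["severity"] = "High"
            alerts[ip]["success_after_failures"] = ev["user"]

    return alerts


if __name__ == "__main__":
    for ip, alert in detect_ssh_brute_force(SAMPLE_AUTH_LOG).items():
        print(ip, alert)
```

On the sample above only 203.0.113.7 is flagged: five failures against root, admin and oracle within eight seconds, followed by a successful password login as root, so the alert is raised to High. The single failure from 198.51.100.20 followed by a public-key login stays below threshold, which is the behaviour a rule needs to avoid paging on ordinary mistyped passwords. The sudo line is left for a separate privilege-escalation rule; it is included only to show that unrelated auth.log entries are ignored rather than mis-parsed.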