Document Details

Normalization Schema Process Event
Home / Scan #234 / Normalization Schema Process Event
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
windows_first
windows_tools
windows_examples
windows_concepts
Summary
The documentation exhibits a Windows bias in several ways: Windows paths and process names (e.g., C:\Windows\explorer.exe, rundll32.exe) are used exclusively in examples, and concepts such as integrity levels and User Access Control (UAC) are described only in terms of Windows features. References to process session IDs and other fields often specify Windows-specific formats and conversions, with Linux mentioned only in passing and never illustrated. Key process concepts (e.g., integrity levels) link to Windows documentation, and there are no Linux or cross-platform examples, tools, or references.
Recommendations
  • Provide Linux-specific examples alongside Windows ones, such as using /usr/bin/bash or /usr/bin/sshd for process names and paths.
  • Describe Linux equivalents for concepts like process integrity levels, privilege elevation (e.g., setuid/setgid), and session IDs.
  • Include references to Linux documentation (e.g., man pages, kernel docs) where relevant.
  • Clarify which fields and concepts apply to Linux, macOS, or other platforms, and note any differences.
  • Add examples of process events from Linux EDR or audit sources (e.g., auditd, sysmon for Linux).
  • Avoid using only Windows-centric terminology (e.g., UAC, Win32 apps) without mentioning alternatives or equivalents for other platforms.
GitHub Create Pull Request

Scan History

Date Scan Status Result
2026-01-22 01:38 #286 completed Biased Biased
2026-01-14 00:00 #250 in_progress Biased Biased
2026-01-13 00:00 #246 completed Biased Biased
2026-01-11 00:00 #240 completed Biased Biased
2026-01-10 00:00 #237 completed Biased Biased
2026-01-09 00:34 #234 completed Biased Biased
2026-01-08 00:53 #231 completed Biased Biased
2026-01-06 18:15 #225 cancelled Clean Clean
2025-08-17 00:01 #83 cancelled Clean Clean
2025-07-13 21:37 #48 completed Biased Biased
2025-07-12 23:44 #41 cancelled Clean Clean

Flagged Code Snippets