Document Details

Fusion Scenario Reference
Home / Scan #246 / Fusion Scenario Reference
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
powershell_heavy
windows_tools
windows_first
Summary
The documentation page demonstrates a moderate Windows bias, particularly in the 'Malicious execution with legitimate process' section, which focuses on Windows-specific tools and techniques such as PowerShell and WMI. These examples are given without Linux/macOS equivalents or mention of cross-platform alternatives. The overall page is heavily oriented toward Microsoft cloud and security products, but the specific technical scenarios for detection and response reference Windows-centric attack patterns and tools first, with little to no coverage of Linux/macOS-specific threats or command-line tools.
Recommendations
  • Add equivalent examples for Linux/macOS, such as detection of suspicious Bash or Python command execution, or remote SSH activity.
  • Include references to Linux/macOS credential theft tools (e.g., 'LaZagne', 'John the Ripper') alongside Windows tools like Mimikatz.
  • Expand coverage of attack techniques to include Linux/macOS-specific management and scripting interpreters (e.g., shell scripts, cron jobs, systemd abuse).
  • Where PowerShell or WMI is mentioned, also discuss how similar malicious activity might be detected on non-Windows endpoints.
  • Add scenarios for cloud resource abuse or data exfiltration that are relevant to Linux-based workloads.
GitHub Create Pull Request

Scan History

Date Scan Status Result
2026-01-14 00:00 #250 in_progress Biased Biased
2026-01-13 00:00 #246 completed Biased Biased
2026-01-11 00:00 #240 completed Biased Biased
2026-01-10 00:00 #237 completed Biased Biased
2026-01-09 00:34 #234 completed Biased Biased
2026-01-08 00:53 #231 completed Biased Biased
2026-01-06 18:15 #225 cancelled Clean Clean
2025-08-17 00:01 #83 cancelled Clean Clean
2025-07-13 21:37 #48 completed Clean Clean
2025-07-12 23:44 #41 cancelled Biased Biased