https://techcommunity.microsoft.com/t5/azure-security-center/validating-azure-key-vault-threat-detection-in-azure-security/ba-p/1220336
Azure Security Center includes advanced threat protection for Azure Key Vault. Security Center detects unusual and potentially harmful attempts to access or exploit Key Vault accounts based on behavior analysis using machine learning. To use this threat detection capability, you need to enable the Key Vault threat bundle in Azure Security Center pricing tier as shown below:
The validation steps that follows are going to help you to simulate an action that will trigger an alert in Azure Security Center. This action may be benign in some cases, but it could also indicate that the Key Vault has been accessed by someone using the TOR IP anonymization system to hide their true source location. Follow the steps below to perform this simulation:
