Discover how attackers could move from compromised agents to sensitive data.
func-billing-pii
Initial Compromise
Azure OpenAI
Query AI Model
PII Storage Account
Read Customer PII
External Webhook
Exfiltrate Data
resource "azurerm_network_security_group" "functions" {
name = "nsg-functions-prod"
security_rule {
name = "DenyInternetOutbound"
priority = 4096
direction = "Outbound"
access = "Deny"
protocol = "*"
destination_address_prefix = "Internet"
}
}