
Summary
This rule detects an Azure storage account that has been configured to accept plain HTTP traffic, indicated by the account's `supportsHttpsTrafficOnly` property being set to `false` (the setting the Azure portal labels "Secure transfer required"). With the property at `true`, the storage service rejects unencrypted REST requests; setting it to `false` allows data to be read and written over cleartext HTTP, where blobs, queue messages, table rows and the account keys or SAS tokens that authorize the requests can be observed or altered by anyone on the network path. Because a single configuration change exposes every client of the account, the rule raises a high-severity alert. It consumes Azure Monitor Activity Log events, which record control-plane changes to storage accounts, and looks for recent storage account write operations whose request body sets `supportsHttpsTrafficOnly` to `false`. The caller IP address on the matching event is cross-referenced against known threat intelligence, and the same account is watched for other suspicious configuration changes around the time of the event, since weakening transport security is rarely the attacker's only step. The rule is mapped to MITRE ATT&CK T1071 (Application Layer Protocol) under the Command and Control tactic to help analysts correlate it with related tactics and techniques.
Categories
- Cloud
- Azure
- Infrastructure
Data Sources
- Cloud Service
- Application Log
ATT&CK Techniques
- T1071
Created: 2026-01-14