Export disk via SAS URL

In Azure it is possible to export a disk through SAS URL. A malicious actor can leverage the Azure Managed Disk Import / Export feature to exfiltrate data outside of the organization. The attacker will generate a time bound Shared Access Signature (SAS) URI for unattached managed disks and snapshots. By default, in Azure all the Azure Disks are configured with a public endpoint enabled.