AFD WAF - Path Traversal Attack

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Content Index

Identifies a match for a Path Traversal based attack in the AFD WAF logs. The threshold value in the query can be changed as per your infrastructure's requirements. References: https://owasp.org/www-community/attacks/Path_Traversal

Attribute Value
Type Analytic Rule
Solution Azure Web Application Firewall (WAF)
ID a4d99328-e4e6-493d-b0d5-57e6f9ddae77
Severity High
Status Available
Kind Scheduled
Tactics DefenseEvasion, Execution, InitialAccess, PrivilegeEscalation, Discovery
Techniques T1548, T1203, T1190, T1548, T1087
Required Connectors WAF
Source View on GitHub

Tables Used

This content item queries data from the following tables:

Table Selection Criteria Transformations Ingestion API Lake-Only
AzureDiagnostics 🔶 Category == "FrontDoorWebApplicationFirewallLog" ? ?

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Analytic Rules · Back to Azure Web Application Firewall (WAF)