Contrast ADR - Exploited Attack Event

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Detects successful exploitation of security vulnerabilities across all environments as identified by Contrast ADR. This rule captures confirmed exploited attacks that bypassed application security controls and require security team investigation.

Attribute	Value
Type	Analytic Rule
Solution	ContrastADR
ID	ae4f67a6-0713-4a26-ae61-284e67b408c1
Severity	High
Status	Available
Kind	Scheduled
Tactics	InitialAccess, Execution, DefenseEvasion, LateralMovement, CommandAndControl
Techniques	T1190, T1059, T1055, T1210, T1008
Required Connectors	ContrastADRCCF
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
ContrastADRAttackEvents_CL	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to ContrastADR