Creates an incident when a large number of Critical/High severity CrowdStrike Falcon sensor detections are triggered by a single user.

| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | CrowdStrike Falcon Endpoint Protection |
| ID | 4465ebde-b381-45f7-ad08-7d818070a11c |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Required Connectors | CefAma |