CYFIRMA - Attack Surface - Configuration High Rule

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Content Index

This alert is generated when CYFIRMA detects a critical misconfiguration in a public-facing asset or service. Such misconfigurations may include exposed admin interfaces, default credentials, open directory listings, or insecure protocols, which significantly increase the attack surface."

Attribute Value
Type Analytic Rule
Solution Cyfirma Attack Surface
ID 30206b45-75d2-4c6a-87c5-f0861c1f2870
Severity High
Status Available
Kind Scheduled
Tactics InitialAccess, Discovery, Persistence, Execution, DefenseEvasion, CredentialAccess, Collection, Reconnaissance
Techniques T1190, T1087, T1046, T1136, T1059, T1566, T1070, T1027, T1505, T1555, T1114, T1595
Required Connectors CyfirmaAttackSurfaceAlertsConnector
Source View on GitHub

Tables Used

This content item queries data from the following tables:

Table Transformations Ingestion API Lake-Only
CyfirmaASConfigurationAlerts_CL ? ?

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Analytic Rules · Back to Cyfirma Attack Surface