CYFIRMA - Attack Surface - Domain/IP Vulnerability Exposure Medium Rule

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

This rule is triggered when CYFIRMA identifies publicly exposed vulnerabilities on domains or IP addresses within your organization's attack surface. These vulnerabilities may include outdated software, missing patches, insecure services, or misconfigurations that can be exploited by threat actors.Such exposure significantly increases the risk of exploitation, lateral movement, or data breach. Immediate investigation and remediation are recommended.

Attribute	Value
Type	Analytic Rule
Solution	Cyfirma Attack Surface
ID	a2f2c91b-5796-45e4-82c7-61763e6c2c9c
Severity	Medium
Status	Available
Kind	Scheduled
Tactics	InitialAccess, Discovery, DefenseEvasion, Persistence, Execution, Impact, PrivilegeEscalation
Techniques	T1505, T1068, T1046, T1499
Required Connectors	CyfirmaAttackSurfaceAlertsConnector
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
CyfirmaASDomainIPVulnerabilityAlerts_CL	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to Cyfirma Attack Surface