Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query is Deprecated as its filter conditions will never yield results. This query identifies any URL indicators of compromise (IOCs) from threat intelligence (TI) by searching for matches in OfficeActivity data.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Threat Intelligence |
| ID | 36a9c9e5-3dc1-4ed9-afaa-1d13617bfc2b |
| Severity | Medium |
| Kind | Scheduled |
| Tactics | CommandAndControl |
| Techniques | T1071 |
| Required Connectors | Office365, ThreatIntelligence, MicrosoftDefenderThreatIntelligence, ThreatIntelligenceTaxii |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊