Analytic Rules - F

48 analytic rules starting with 'F'.


Source: 📦 Solution | 📄 Standalone | 🔗 GitHub Only

| Name | Severity | Source |
|---|---|---|
| F&O - Bank account change following network alias reassignment | Low | 📦 Microsoft Business Applications |
| F&O - Mass update or deletion of user records | Medium | 📦 Microsoft Business Applications |
| F&O - Non-interactive account mapped to self or sensitive privileged user | Medium | 📦 Microsoft Business Applications |
| F&O - Reverted bank account number modifications | Low | 📦 Microsoft Business Applications |
| F&O - Unusual sign-in activity using single factor authentication | Low | 📦 Microsoft Business Applications |
| Failed AWS Console logons but success logon to AzureAD | Medium | 📄 Standalone Content |
| Failed AzureAD logons but success logon to AWS Console | Medium | 📄 Standalone Content |
| Failed AzureAD logons but success logon to host | Medium | 📄 Standalone Content |
| Failed host logons but success logon to AzureAD | Medium | 📄 Standalone Content |
| Failed login attempts to Azure Portal | Low | 📦 Microsoft Entra ID |
| Failed Logins from Unknown or Invalid User | Medium | 📦 Okta Single Sign-On |
| Failed logon attempts by valid accounts within 10 mins | Low | 📄 Standalone Content |
| Failed logon attempts in authpriv | Medium | 📦 Syslog |
| Failed sign-ins into LastPass due to MFA | Low | 📦 Lastpass Enterprise Activity Monitoring |
| Failover Plan Deleted | Low | 📦 Veeam |
| Failover Plan Failed | Low | 📦 Veeam |
| Failover Plan Settings Updated | Informational | 📦 Veeam |
| Failover Plan Started | High | 📦 Veeam |
| Failover Plan Stopped | Medium | 📦 Veeam |
| Fake computer account created | Medium | 📄 Standalone Content |
| File Server Deleted | High | 📦 Veeam |
| File Server Settings Updated | Informational | 📦 Veeam |
| File Share Deleted | High | 📦 Veeam |
| Files Copied to USB Drives | High | 📦 Microsoft Defender XDR |
| Firewall errors stateful anomaly on database | Medium | 📦 Azure SQL Database solution for sentinel |
| Firewall rule manipulation attempts stateful anomaly on database | Medium | 📦 Azure SQL Database solution for sentinel |
| Firmware Updates (Microsoft Defender for IoT) | Medium | 📦 IoTOTThreatMonitoringwithDefenderforIoT |
| First access credential added to Application or Service Principal where no credential was present | High | 📦 Microsoft Entra ID |
| Flare Cloud bucket result | Medium | 📦 Flare |
| Flare Google Dork result found | Medium | 📦 Flare |
| Flare Host result | Medium | 📦 Flare |
| Flare Infected Device | Medium | 📦 Flare |
| Flare Leaked Credentials | Medium | 📦 Flare |
| Flare Paste result | Medium | 📦 Flare |
| Flare Source Code found | Medium | 📦 Flare |
| Flare SSL Certificate result | Medium | 📦 Flare |
| Flow Logs Alerts for Prancer ⚠️ | High | 📦 Prancer PenSuiteAI Integration |
| Forescout-DNS_Sniff_Event_Monitor | Medium | 📦 ForescoutHostPropertyMonitor |
| Fortinet - Beacon pattern detected | Low | 📄 Standalone Content |
| Fortiweb - WAF Allowed threat | High | 📦 Fortinet FortiWeb Cloud WAF-as-a-Service connector for Microsoft Sentinel |
| Four-Eyes Authorization Disabled | High | 📦 Veeam |
| Four-Eyes Authorization Request Created | High | 📦 Veeam |
| Four-Eyes Authorization Request Expired | Medium | 📦 Veeam |
| Four-Eyes Authorization Request Rejected | Informational | 📦 Veeam |
| Front Door Premium WAF - SQLi Detection | High | 📦 Azure Web Application Firewall (WAF) |
| Front Door Premium WAF - XSS Detection | High | 📦 Azure Web Application Firewall (WAF) |
| Full Admin policy created and then attached to Roles, Users or Groups | Medium | 📦 Amazon Web Services |
| full_access_as_app Granted To Application | Medium | 📦 Microsoft Entra ID |

⚠️ Items marked with ⚠️ are not listed in their Solution JSON file. They were discovered by scanning solution folders.

