Analytic Rules - L

28 analytic rules starting with 'L'.


Source: 📦 Solution | 📄 Standalone | 🔗 GitHub Only

| Name | Severity | Source |
| --- | --- | --- |
| Lateral Movement Risk - Role Chain Length | Informational | 📦 Authomize |
| Lateral Movement via DCOM | Medium | 📦 Endpoint Threat Protection Essentials |
| LaZagne Credential Theft | Medium | 📦 Microsoft Defender XDR |
| License Expired | High | 📦 Veeam |
| License Expiring | Informational | 📦 Veeam |
| License Grace Period Started | High | 📦 Veeam |
| License Limit Exceeded | Medium | 📦 Veeam |
| License Removed | High | 📦 Veeam |
| License Support Expired | High | 📦 Veeam |
| License Support Expiring | Low | 📦 Veeam |
| Linked Malicious Storage Artifacts | Medium | 📦 Microsoft Defender for Cloud Apps |
| Local Admin Group Changes | High | 📦 Microsoft Defender XDR |
| Log4j vulnerability exploit aka Log4Shell IP IOC | High | 📦 Apache Log4j Vulnerability Detection |
| Login to AWS Management Console without MFA | Low | 📦 Amazon Web Services |
| Lookout - Critical Audit and Policy Changes (v2) | Medium | 📦 Lookout |
| Lookout - Critical Smishing and Phishing Alerts (v2) | High | 📦 Lookout |
| Lookout - Device Compliance and Security Status Changes (v2) | Medium | 📦 Lookout |
| Lookout - High Severity Mobile Threats Detected (v2) | High | 📦 Lookout |
| Lookout - New Threat events found. | High | 📦 Lookout |
| LSASS Credential Dumping with Procdump | High | 📦 Microsoft Defender XDR |
| Lumen TI domain in DnsEvents | Medium | 📦 Lumen Defender Threat Feed |
| Lumen TI IPAddress in CommonSecurityLog | Medium | 📦 Lumen Defender Threat Feed |
| Lumen TI IPAddress in DeviceEvents | Medium | 📦 Lumen Defender Threat Feed |
| Lumen TI IPAddress in IdentityLogonEvents | Medium | 📦 Lumen Defender Threat Feed |
| Lumen TI IPAddress in OfficeActivity | Medium | 📦 Lumen Defender Threat Feed |
| Lumen TI IPAddress in SecurityEvents | Medium | 📦 Lumen Defender Threat Feed |
| Lumen TI IPAddress in SigninLogs | Medium | 📦 Lumen Defender Threat Feed |
| Lumen TI IPAddress in WindowsEvents | Medium | 📦 Lumen Defender Threat Feed |