Front Door Premium WAF - XSS Detection

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Identifies a match for an XSS attack in the Front Door Premium WAF logs. The threshold value in the query can be changed as per your infrastructure's requirements. References: https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)

Attribute	Value
Type	Analytic Rule
Solution	Azure Web Application Firewall (WAF)
ID	b7643904-5081-4920-917e-a559ddc3448f
Severity	High
Status	Available
Kind	Scheduled
Tactics	InitialAccess, Execution
Techniques	T1189, T1203, T0853
Required Connectors	WAF
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Selection Criteria	Transformations	Ingestion API	Lake-Only
AzureDiagnostics 🔶	Category == "FrontDoorWebApplicationFirewallLog"	?	✗	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to Azure Web Application Firewall (WAF)