Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Identifies a match for an XSS attack in the Front Door Premium WAF logs. The threshold value in the query can be changed as per your infrastructure's requirements. References: https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Azure Web Application Firewall (WAF) |
| ID | b7643904-5081-4920-917e-a559ddc3448f |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Tactics | InitialAccess, Execution |
| Techniques | T1189, T1203, T0853 |
| Required Connectors | WAF |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AzureDiagnostics 🔶 |
Category == "FrontDoorWebApplicationFirewallLog"action_s in "AnomalyScoring,Block" |
✗ | ✗ | ✗ |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Analytic Rules · Back to Azure Web Application Firewall (WAF)