Correlates Contrast ADR security alerts with WAF logs to identify confirmed attack attempts that were either exploited or blocked. This rule helps security teams prioritize incidents by focusing on attacks that have been validated by application security monitoring.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | ContrastADR |
| ID | 93641436-afb3-4921-8828-ceab0d15aaab |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | InitialAccess, DefenseEvasion, CommandAndControl |
| Techniques | T1190, T1211, T1008 |
| Required Connectors | ContrastADRCCF |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
| ContrastADRAttackEvents_CL | ? | ✓ | ? |