Cyble Vision Alerts Cloud Storage

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Detects cloud storage objects/paths discovered in ingestion (uses Alerts_cloud_storage parser). Creates incidents for discovered S3/GCS/Azure blob objects, includes bucket/object/url, size and workflow metadata. Mandatory custom details: MappedSeverity, Status, AlertID, Service.

Attribute	Value
Type	Analytic Rule
Solution	Cyble Vision
ID	db417cee-529c-4eac-b7b9-36eb0166800a
Severity	Low
Status	Available
Kind	Scheduled
Tactics	Exfiltration, Discovery
Techniques	T1537, T1083
Required Connectors	CybleVisionAlerts
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
CybleVisionAlerts_CL	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to Cyble Vision