Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This alert leverages Defender for IoT to detect PLC operating mode changes indicating the PLC is potentially insecure. If the PLC is compromised, devices that interact with it may be impacted. This may affect overall system security and safety.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | IoTOTThreatMonitoringwithDefenderforIoT |
| ID | f9df500a-e2a4-4104-a517-dc1d85bb654f |
| Severity | Low |
| Status | Available |
| Kind | Scheduled |
| Tactics | Execution |
| Techniques | T0858 |
| Required Connectors | IoT |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
SecurityAlert |
AlertName has "PLC Operating Mode Changed"ProviderName == "IoTSecurity" |
✓ | ✗ | ✓ |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Analytic Rules · Back to IoTOTThreatMonitoringwithDefenderforIoT