Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This alert leverages Defender for IoT to detect unauthorized remote access to network devices, if another device on the network is compromised, target devices can be accessed remotely, increasing the attack surface.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | IoTOTThreatMonitoringwithDefenderforIoT |
| ID | 1ff4fa3d-150b-4c87-b733-26c289af0d49 |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | InitialAccess |
| Techniques | T0886 |
| Required Connectors | IoT |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
SecurityAlert |
AlertName == "Unauthorized SSH Access"ProviderName == "IoTSecurity" |
✓ | ✗ | ✓ |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Analytic Rules · Back to IoTOTThreatMonitoringwithDefenderforIoT