KnowBe4 Defend - Dangerous Attachment Detected

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Defend has detected a user has a suspicious file type from a suspicious sender in their mailbox.

Attribute	Value
Type	Analytic Rule
Solution	KnowBe4 Defend
ID	b75a4a7a-dedb-47be-b7e6-344f4d50af19
Severity	Medium
Status	Available
Kind	Scheduled
Tactics	Execution, InitialAccess, Persistence, PrivilegeEscalation
Techniques	T1204, T0853, T0863, T1566, T1546, T1546
Required Connectors	KnowBe4Defend
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
EgressDefend_CL 🔶	?	✓	?
KnowBe4Defend_CL 🔶	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to KnowBe4 Defend