Critical Risks

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

This query searches for all the exploited risks that RidgeBot identified

Attribute	Value
Type	Analytic Rule
Solution	RidgeSecurity
ID	1eebfaf3-40e1-4bc2-9f42-049b7b8ceb60
Severity	High
Status	Available
Kind	Scheduled
Tactics	Execution, InitialAccess, PrivilegeEscalation
Techniques	T1189, T1059, T1053, T1548
Required Connectors	RidgeBotDataConnector, CefAma
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Selection Criteria	Transformations	Ingestion API	Lake-Only
CommonSecurityLog	DeviceEventClassID == "4001" DeviceVendor == "RidgeSecurity"	✓	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to RidgeSecurity