Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Identifies a match for SQL Injection attack in the Application gateway WAF logs. The Threshold value in the query can be changed as per your infrastructure's requirement. References: https://owasp.org/Top10/A03_2021-Injection/
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Standalone Content |
| ID | 68c0b6bb-6bd9-4ef4-9011-08998c8ef90f |
| Severity | High |
| Kind | Scheduled |
| Tactics | DefenseEvasion, Execution, InitialAccess, PrivilegeEscalation |
| Techniques | T1211, T1059, T1190, T0890 |
| Required Connectors | WAF |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AzureDiagnostics 🔶 |
Category == "ApplicationGatewayFirewallLog" |
? | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊