Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This rule detects abnormal number of 403 errors from clients. HTTP 403 is returned when the client is not permitted access to the resource despite providing authentication in case such as when authenticated account not having sufficient permissions
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | Web Session Essentials |
| ID | 43c2832e-6c01-4dc1-bd9e-bc3f330c2b31 |
| Tactics | Persistence, CredentialAccess |
| Techniques | T1110, T1556 |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊