Creates an incident for each Critical or High severity finding reported by XBOW that is currently in an open state. These findings represent the most severe security issues and require immediate attention. Each alert is deduplicated per finding so re-ingestion of the same finding does not produce duplicate incidents.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | XBOW |
| ID | f8e7d6c5-4b3a-4912-8f0e-2d1c3b4a5678 |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Tactics | InitialAccess, Execution, PrivilegeEscalation, DefenseEvasion, Impact |
| Techniques | T1190 |
| Required Connectors | XbowSecurityConnector |
| Source | View on GitHub |

This content item queries data from the following tables:

| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
| XbowAssets_CL | ? | ✓ | ? |
| XbowFindings_CL | ? | ✓ | ? |