ResourceDevelopment
Rule Name | id | Required data connectors |
---|---|---|
Unauthorized EC2 Instance Setup Attempt | f7210a45-12a4-4d02-b59e-f23476827a4b | AWS |
Cisco SDWAN - Maleware Events | cb14defd-3415-4420-a2e4-2dd0f3e07a86 | CiscoSDWAN |
Brand Abuse | 6e9e1975-6d85-4387-bd30-3881c66e302e | CBSPollingIDAzureFunctions |
Doorway Page (High) | 4ae3be36-0c07-4e51-9765-1ab446e937f2 | CBSPollingIDAzureFunctions |
Doorway Page (Informational) | 7de074aa-de27-4129-8638-e10a5a15f9cc | CBSPollingIDAzureFunctions |
Doorway Page (Low) | b011ec39-4dc1-44a2-96ef-e1c6ef4e17b4 | CBSPollingIDAzureFunctions |
Doorway Page (Medium) | 2c8d6d6e-5d56-4d2f-9e1d-a79319f85b3f | CBSPollingIDAzureFunctions |
Exposed Misconfiguration (High) | 71ce7988-130e-42d6-82ea-a687c13011b2 | CBSPollingIDAzureFunctions |
Exposed Misconfiguration (Informational) | 833b5430-9454-41f8-96ac-bf77e67df53b | CBSPollingIDAzureFunctions |
Exposed Misconfiguration (Low) | ba25d152-3741-4564-b9dd-1f0afe7829ff | CBSPollingIDAzureFunctions |
Exposed Misconfiguration (Medium) | 6e343c15-d718-435c-a64d-37f4a408c7c2 | CBSPollingIDAzureFunctions |
Exposed Email Address | b25aae75-d333-4b77-a7c1-b24644dc1e1f | CBSPollingIDAzureFunctions |
Exposed User List | 2caf81cf-a419-4d56-91da-67368f2e73d2 | HVPollingIDAzureFunctions |
Suspicious Mobile App High | 6e9afac9-6828-486f-b1d8-cf76e86e1224 | CBSPollingIDAzureFunctions |
Suspicious Mobile App INFO | 18155351-23b6-4684-bca6-23c11e4ff5c1 | CBSPollingIDAzureFunctions |
CYFIRMA - Attack Surface - Weak Certificate Exposure - High Rule | 3b5a1c0e-7f3a-4d47-8416-6c0b8b91e9ce | CyfirmaAttackSurfaceAlertsConnector |
CYFIRMA - Attack Surface - Weak Certificate Exposure - Medium Rule | 5a617ff2-3e3d-44e7-b761-9f0d542ae191 | CyfirmaAttackSurfaceAlertsConnector |
CYFIRMA - Brand Intelligence - Domain Impersonation High Rule | 10bdf525-5b89-4a25-933a-e63e73b915f1 | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Domain Impersonation Medium Rule | 8f97ddbe-ab66-4f6c-b675-73b5eeb07259 | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Executive/People Impersonation High Rule | 159d26a1-591c-4f70-b1ca-2843c881aaec | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Executive/People Impersonation Medium Rule | 59aa22f2-5b4f-4679-b289-003228255413 | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Malicious Mobile App High Rule | 3176ac89-b195-48b7-a01e-740a6b26fb2f | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Malicious Mobile App Medium Rule | b73e6628-d44c-4ad3-a801-ea225c5744ee | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Product/Solution High Rule | 3a9a81bc-2f41-4d68-9cd1-7788326c92b1 | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Product/Solution Medium Rule | 458d964f-d039-4ce0-9741-0b6245ba3374 | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Social Media Handle Impersonation Detected High Rule | 22f49d67-7da7-4809-8d07-89e4478aa6b0 | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Brand Intelligence - Social Media Handle Impersonation Detected Medium Rule | 710f4755-490d-4fa7-aef0-43b5a66edc7b | CyfirmaBrandIntelligenceAlertsDC |
CYFIRMA - Social and Public Exposure - Social Media Threats Activity Detected Rule | 4fe04459-13f1-4ff7-9b7c-f9be0c2aad6d | CyfirmaDigitalRiskAlertsConnector |
CYFIRMA - Social and Public Exposure - Social Media Threats Activity Detected Rule | b8149f2f-54da-4f7b-98e1-c01ca47e1e55 | CyfirmaDigitalRiskAlertsConnector |
CYFIRMA - Social and Public Exposure - Source Code Exposure on Public Repositories Rule | 42e6f16a-7773-44cc-8668-8f648bd1aa4f | CyfirmaDigitalRiskAlertsConnector |
CYFIRMA - Social and Public Exposure - Source Code Exposure on Public Repositories Rule | 28e315a3-725d-4261-a6c2-e597d51541f4 | CyfirmaDigitalRiskAlertsConnector |
Flare SSL Certificate result | 9cb7c337-f179-4af6-b0e8-b6b7552d762d | Flare |
Power Apps - Bulk sharing of Power Apps to newly created guest users | 943acfa0-9285-4eb0-a9c0-42e36177ef19 | PowerPlatformAdmin AzureActiveDirectory |
New onmicrosoft domain added to tenant | 4f42b94f-b210-42d1-a023-7fa1c51d969f | AzureActiveDirectory |
BTP - Malware detected in BAS dev space | 31997e9a-7447-47f3-8208-4f5d7efe497c | SAPBTPAuditEvents |
Semperis DSP Operations Critical Notifications | 8f471e21-3bb2-466f-9bc2-0a0326a60788 | SemperisDSP |
ZeroFox Alerts - High Severity Alerts | deb45e6d-892f-40bf-9118-e2a6f26b788d | ZeroFox_Alert_Polling |
ZeroFox Alerts - Informational Severity Alerts | 6f7a7413-b72f-4361-84ee-897baeb9c6d4 | ZeroFox_Alert_Polling |
ZeroFox Alerts - Low Severity Alerts | e0c7a91a-7aa1-498a-9c20-cd6c721f9345 | ZeroFox_Alert_Polling |
ZeroFox Alerts - Medium Severity Alerts | a6496de5-911b-4199-b7db-d34ac9d70df3 | ZeroFox_Alert_Polling |