Vendor: Cisco

Product: ADC

Use-Case: Ransomware

Rules	Models	MITRE ATT&CK® TTPs	Event Types	Parsers
1	0	1	1	1

Event Type	Rules	Models
web-activity-allowed	T1071.001 - Application Layer Protocol: Web Protocols ↳ WEB-UI-Ransomware: User attempted to connect to IP address which is associated to Ransomware