Vendor: Cisco
June 14, 2023 · View on GitHub
Product: Netflow
Use-Case: Malware
| Rules | Models | MITRE ATT&CK® TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 3 | 0 | 1 | 1 | 1 |
| Event Type | Rules | Models |
|---|---|---|
| netflow-connection | TA0011 - TA0011 ↳ A-NET-TI-H-Outbound: Outbound connection to a known malicious host ↳ A-NET-TI-IP-Inbound: Inbound connection from a known malicious IP ↳ A-NET-TI-H-Inbound: Inbound connection from a known malicious host |