Vendor: F5
June 14, 2023 · View on GitHub
Product: WebSafe
Use-Case: Privileged Activity
| Rules | Models | MITRE ATT&CK® TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 2 | 0 | 3 | 2 | 2 |
| Event Type | Rules | Models |
|---|---|---|
| web-activity-allowed | T1071.001 - Application Layer Protocol: Web Protocols ↳ A-WEB-DC: Web activity event on a Domain Controller ↳ WEB-ALERT-EXEC: Security violation by Executive in web activity T1078 - Valid Accounts ↳ WEB-ALERT-EXEC: Security violation by Executive in web activity T1102 - Web Service ↳ A-WEB-DC: Web activity event on a Domain Controller | |
| web-activity-denied | T1071.001 - Application Layer Protocol: Web Protocols ↳ A-WEB-DC: Web activity event on a Domain Controller ↳ WEB-ALERT-EXEC: Security violation by Executive in web activity T1078 - Valid Accounts ↳ WEB-ALERT-EXEC: Security violation by Executive in web activity T1102 - Web Service ↳ A-WEB-DC: Web activity event on a Domain Controller |