Rules by Product and UseCase
April 15, 2026 · View on GitHub
Vendor: Apache
Product: Apache
Use-Case: Ransomware
| Rules | Models | MITRE ATT&CK® TTPs | Activity Types | Parsers |
|---|---|---|---|---|
| 1 | 0 | 2 | 2 | 1 |
| Event Type | Rules | Models |
|---|---|---|
| web-activity-allowed | T1071 - Application Layer Protocol ↳ WEB-UI-Ransomware: User attempted to connect to IP address which is associated to Ransomware T1071.001 - Application Layer Protocol: Web Protocols ↳ WEB-UI-Ransomware: User attempted to connect to IP address which is associated to Ransomware | |
| web-activity-denied | T1071 - Application Layer Protocol ↳ WEB-UI-Ransomware: User attempted to connect to IP address which is associated to Ransomware T1071.001 - Application Layer Protocol: Web Protocols ↳ WEB-UI-Ransomware: User attempted to connect to IP address which is associated to Ransomware |