Rules by Product and Use Case
November 29, 2023
Vendor: Attivo
Product: BOTsink
Use-Case: Malware

| Rules | Models | MITRE ATT&CK® TTPs | Activity Types | Parsers |
|---|---|---|---|---|
| 3 | 0 | 1 | 1 | 1 |

| Event Type | Rules | Models |
|---|---|---|
| network-connection-successful | TA0011 - TA0011 ↳ A-NET-TI-H-Outbound: Outbound connection to a known malicious host ↳ A-NET-TI-IP-Inbound: Inbound connection from a known malicious IP ↳ A-NET-TI-H-Inbound: Inbound connection from a known malicious host | |