Rules by Product and UseCase

May 10, 2023 · View on GitHub

Vendor: SecureNet

Product: SecureNet

Use-Case: Phishing

RulesModelsMITRE ATT&CK® TTPsActivity TypesParsers
22111
Event TypeRulesModels
vpn-logoutT1566 - Phishing
EM-FNum-in: Abnormal number of incoming emails
EM-BSum-in: Abnormal size of incoming emails		EM-BSum-in: Sum of bytes in incoming emails
EM-FNum-in: Count of incoming emails