Open dluxtron opened 1 week ago
DL PR
Updates to existing ESCU Detections
detect_large_outbound_icmp_packets.yml
detect_outbound_smb_traffic.yml
remote_desktop_network_bruteforce.yml
remote_desktop_network_traffic.yml
smb_traffic_spike.yml
high_volume_of_bytes_out_to_url.yml
java_class_file_download_by_java_user_agent.yml
multiple_archive_files_http_post_traffic.yml
plain_http_post_exfiltrated_data.yml
unusually_long_content_type_length.yml
Added new detection
internal_horizontal_port_scan_nmap_top_20.yml: Same as the other internal horizontal port scan, but focused on the nmap top 20.