|
Unable to commit detection
|
|
5
|
100
|
August 3, 2022
|
|
Commit detection adjustment in triggers. (Identity key and lasting duration of detection)
|
|
1
|
135
|
June 22, 2022
|
|
Custom Detection Example - Newly created SSL certificate
|
|
0
|
196
|
May 2, 2022
|
|
Help in identifying data obfuscation(protocol impersonation using cookie)
|
|
9
|
600
|
February 9, 2022
|
|
CVE-2021-44228 detection
|
|
2
|
809
|
December 14, 2021
|
|
Handing DETECTION_UPDATE during for ExtraHop-Demisto timeout
|
|
1
|
520
|
October 12, 2021
|
|
Detecting Unauthorized Remote Access Trigger
|
|
0
|
561
|
October 7, 2021
|
|
Mapping HTTP.payload information with Src/Dst IP/Port
|
|
5
|
682
|
September 20, 2021
|
|
Testing a trigger - forcing a detection?
|
|
2
|
778
|
June 22, 2021
|
|
Detection: CVE-2021-22991
|
|
3
|
1136
|
March 12, 2021
|
|
External javascript libraries, decompression, ebcdic
|
|
7
|
2895
|
January 21, 2021
|
|
Detection SIEM Connector Description Issue
|
|
8
|
1101
|
January 4, 2021
|
|
Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
|
|
0
|
1048
|
November 6, 2020
|
|
Throttle Triggered Precision PCAP
|
|
2
|
1027
|
October 15, 2020
|
|
DNS Answers in ODS feed to Splunk
|
|
2
|
1021
|
October 9, 2020
|
|
Got Bots? We got an App for that!
|
|
1
|
2270
|
September 16, 2020
|
|
TIMER_30SEC event
|
|
2
|
1032
|
August 6, 2020
|
|
Honey Token Detection across multiple protocols
|
|
0
|
1386
|
June 4, 2020
|
|
lookupByIP in L2 discovery
|
|
3
|
1087
|
May 18, 2020
|
|
NDR POW (2/27): POSH Watcher
|
|
6
|
1857
|
May 14, 2020
|
|
MSRPC Records
|
|
1
|
1054
|
March 26, 2020
|
|
Critical Devices - EXA Connector Trigger
|
|
1
|
1370
|
March 18, 2020
|
|
IP address, Port, throughput
|
|
0
|
1046
|
March 15, 2020
|
|
Detection: Cloud Snooper
|
|
0
|
1701
|
February 27, 2020
|
|
NDR POW (12/16) Trickbot/RYUK Variant throw-down
|
|
0
|
1481
|
December 16, 2019
|
|
Debug log shows unexpected entries
|
|
8
|
1327
|
December 14, 2019
|
|
NDR POW (Punkbust Of the Week): Catching Homograph Attacks (PHISH PHINDER!)
|
|
0
|
1444
|
December 9, 2019
|
|
How to Optimize Trigger Code?
|
|
7
|
1495
|
December 5, 2019
|
|
Hadoop DemonBot detection
|
|
2
|
2237
|
November 13, 2019
|
|
NDR: Checking for 'Baby Certs" with Reveal(x)
|
|
1
|
1268
|
November 1, 2019
|
