cancel
Showing results for 
Search instead for 
Did you mean: 
gonzalo.soto
Level 7

Umbrales (criticidad) de reglas de correlación recomendado por Macfee

Dear,

Along with greeting, I look for the criticality thresholds of the following correlation rules within the ESM.

Rule Name: Login - Brute Force Login Attempts from multiple Sources

Rule Name: Login - Brute Force Login Attempts to remote Host.

• Rule Name: Login - Brute Force Login Attempts on an Internal Host from a multiple sources.

• Rule Name: Database - unique Database Access multiple Attempt Failures

• Rule Name: Database - Excessive Database Connections From Multiple Source

• Rule Name: Database - Attempted Database Configuration Change by a Local Host

• Rule Name: Component - Events to a Source Network

0 Kudos