Abnormally High Number of HTTP Method Events By Src

Description

Alerts when a host has an abnormally high number of HTTP requests by http method.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Application Security, Advanced Threat Detection

Category

Web Attack

Alert Volume

Alerts when a host has an abnormally high number of HTTP requests by http method.

SPL Difficulty

Advanced

Journey

Stage 2

MITRE ATT&CK Tactics

Initial Access
Credential Access

MITRE ATT&CK Techniques

Exploit Public-Facing Application
Brute Force

MITRE Threat Groups

APT28
APT29
APT39
APT41
Axiom
BlackTech
Blue Mockingbird
DarkVishnya
FIN5
GOLD SOUTHFIELD
Night Dragon
OilRig
Rocke
Soft Cell
Turla

Data Sources

Web Proxy