Navigation :
External Alarm Activity
Description
This is a generic catch all anomaly that can hold alarms generated by 3rd party systems like firewall, IDS/IPS, Enterprise Security, etc.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection, Security Monitoring, Insider Threat
Category
Endpoint Compromise, Network Attack
Alert Volume
MediumJourney
Stage 4Data Sources
IDS or IPS
DLP
Anti-Virus or Anti-Malware
Host-based IDS