Network Protocol Violation

Description

Triggered when more traffic than expected is destined for a single device. This anomaly is most typically seen with DDoS behavior or something similar.


Use Case

Security Monitoring

Category

Network Attack

Alert Volume

Medium

Journey

Stage 2

MITRE ATT&CK Tactics

Impact

MITRE ATT&CK Techniques

Endpoint Denial of Service

Data Sources

Network Communication