Potential Webshell Activity

Potential Webshell Activity

Description

Triggered when an internal webserver is accessed from an outside source.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Application Security

Category

Web Attack, Zero Trust

Alert Volume

Low

Data Availability

Bad

Journey

Stage 4

MITRE ATT&CK Tactics

Persistence

MITRE ATT&CK Techniques

Web Shell

Data Sources

Web Server