You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-iot/organizations/alert-engine-messages.md
-1Lines changed: 0 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -108,7 +108,6 @@ The policy engine alerts table contains the **Aggregated** item to indicate that
108
108
|**New Activity Detected - EtherNet/IP Protocol Command**| New traffic parameters were detected. This parameter combination isn't authorized as learned traffic on your network. The following combination is unauthorized. | Medium | Unauthorized Communication Behavior |**Tactics:** <br> - Inhibit Response Function <br><br> **Techniques:** <br> - T0836: Modify Parameter | Learnable | Yes |
109
109
|**New Activity Detected - GSM Message Code**| New traffic parameters were detected. This parameter combination isn't authorized as learned traffic on your network. The following combination is unauthorized. | Medium | Unauthorized Communication Behavior |**Tactics:** <br> - CommandAndControl <br><br> **Techniques:** <br> - T0869: Standard Application Layer Protocol | Learnable | Yes |
110
110
|**New Activity Detected - LonTalk Command Codes**| New traffic parameters were detected. This parameter combination isn't authorized as learned traffic on your network. The following combination is unauthorized. | Medium | Unauthorized Communication Behavior |**Tactics:** <br> - Collection <br> - Impair Process Control <br><br> **Techniques:** <br> - T0861 - Point & Tag Identification <br> - T0855: Unauthorized Command Message | Learnable | Yes |
111
-
|**New Port Discovery**| New traffic parameters were detected. This parameter combination isn't authorized as learned traffic on your network. The following combination is unauthorized. | Low | Discovery |**Tactics:** <br> - Lateral Movement <br><br> **Techniques:** <br> - T0867: Lateral Tool Transfer | Learnable| No |
112
111
|**New Activity Detected - LonTalk Network Variable**| New traffic parameters were detected. This parameter combination isn't authorized as learned traffic on your network. The following combination is unauthorized. | Medium | Unauthorized Communication Behavior |**Tactics:** <br> - Impair Process Control <br><br> **Techniques:** <br> - T0855: Unauthorized Command Message | Learnable| Yes |
113
112
|**New Activity Detected - Ovation Data Request**| New traffic parameters were detected. This parameter combination isn't authorized as learned traffic on your network. The following combination is unauthorized. | Medium | Unauthorized Communication Behavior |**Tactics:** <br> - Collection <br> - Discovery <br><br> **Techniques:** <br> - T0801: Monitor Process State <br> - T0888: Remote System Information Discovery | Learnable | Yes |
114
113
|**New Activity Detected - Read/Write Command (AMS Index Group)**| New traffic parameters were detected. This parameter combination isn't authorized as learned traffic on your network. The following combination is unauthorized. | Medium | Configuration Changes |**Tactics:** <br> - Impair Process Control <br> - Inhibit Response Function <br><br> **Techniques:** <br> - T0855: Unauthorized Command Message <br> - T0836: Modify Parameter | Learnable | Yes |
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments