Analytic rule description link is broken #9129
Assignees
Labels
Comments
|
Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal. |
|
Hi @applefacts, I think this blog can be found here - https://medium.com/@HuntOperator/detect-beaconing-with-flare-elastic-stack-and-intrusion-detection-systems-110dc74e0c56 Please confirm the link, we will raise a PR and update the same. |
|
Validated link and added a PR: #9136 |
|
Hi @azurekid, thanks for confirming, we will review the PR and will update you. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://github.com/Azure/Azure-Sentinel/blob/a6593c2bb08c6cb6fbcaabdd961c83ef9f9b89b1/Solutions/Network%20Session%20Essentials/Analytic%20Rules/PossibleBeaconingActivity.yaml
This rule identifies beaconing patterns from Network traffic logs based on recurrent frequency patterns. Such potential outbound beaconing pattern to untrusted public networks should be investigated for any malware callbacks or data exfiltration attempts as discussed in this Blog.<br>
This analytic rule uses ASIM and supports any built-in or custom source that supports the ASIM NetworkSession schema'
The blog doesn't exist anymore.
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: