Detects ATP and malicious activities

Last updated on:

About the rule

Rule Type

Standard

Rule Description

Detects the ATP engine that has identified a file or action as malicious based on behavior or signature analysis.

Severity

Trouble

Rule Requirement

Criteria

Action1: actionname = "Detects when ATP identifies a malicious activity" select Action1.HOSTNAME,Action1.EVENTID,Action1.TYPE,Action1.SUBTYPE,Action1.SOURCE_IP,Action1.DESCRIPTION,Action1.SOURCETYPE,Action1.MESSAGE

Detection

Execution Mode

realtime

Log Sources

Barracuda