Alert Types New in this Release
The following built-in alert types are new in this release:
- ICMP Based Exfiltration or Tunneling
- Login Attempt Location Count
- Suspected Network Beaconing Activities
- Suspicious OCI Cross Tenancy Communication
- Uncommon Top-Level Domain Anomaly
There were no new rule-based alert types in this release; however, the following alert types had new rules added:
- Potentially Malicious Windows Event
- Sensitive Windows Network Share File or Folder Accessed
- Steal or Forge Kerberos Tickets
- Suspicious PowerShell Script
- Suspicious Process Creation Commandline