API-Usage.md

API Usage Use Cases

Grouped by Detection Method

Aggregate Count

  • Count of Events per Source User/Token
  • Count of Events per Target System

Blacklist Alert

  • Calls with Command-line Syntax

Whitelist Alert

Levenshtein Score Alert

Rolling Whitelist Alert

Shannon Entropy Score Alert

Threshold Alert

Log Source Examples

Possible False Positives