n.Scope NDR v2.0 - EN

Alerts

Last updated 1 year ago

In this section, you will find every alert template supported by n.Scope NDR, grouped by category. Each template name is followed by its alert ID in parentheses.

The MITRE ATT&CK Kill Chain is a framework that outlines the stages of a cyber attack, from initial reconnaissance to the final data exfiltration or system compromise. By leveraging the Kill Chain model, n.Scope NDR can pinpoint where an attack is in its lifecycle, enabling rapid response to threats and reducing cybersecurity risks for our customers. Each stage of the Kill Chain has corresponding alert templates within our system, designed to trigger notifications and responses tuned to attackers' specific tactics and techniques.

Alert Categories

Command & Control
Denial of Service
Exfiltration
Initial Access
Security Policies
Reconnaissance