{"version":1,"pages":[{"id":"dWa09rh8LMpzOyAFa5H1","title":"Welcome","pathname":"/n.scope-v2.0-english","siteSpaceId":"sitesp_ejXOD","emoji":"1f44b"},{"id":"6arIa8vWbC71yb2m6dun","title":"Explore your Network","pathname":"/n.scope-v2.0-english/product-guides/explore-your-network","siteSpaceId":"sitesp_ejXOD","emoji":"1f4ce","breadcrumbs":[{"label":"Product Guides"}]},{"id":"YqPcq68QiEA9cfWePygl","title":"Using Alerts","pathname":"/n.scope-v2.0-english/product-guides/using-alerts","siteSpaceId":"sitesp_ejXOD","emoji":"1f6a8","breadcrumbs":[{"label":"Product Guides"}]},{"id":"AiSmklOTpJ0pQNYAPWdr","title":"Deployment Guide","pathname":"/n.scope-v2.0-english/deployment/deployment-guide","siteSpaceId":"sitesp_ejXOD","emoji":"1f6e0","breadcrumbs":[{"label":"Deployment"}]},{"id":"q4YFA5TxAN06Kp27HsOE","title":"n.Scope Deployment Planning","pathname":"/n.scope-v2.0-english/deployment/n.scope-deployment-planning","siteSpaceId":"sitesp_ejXOD","emoji":"1f5fa","description":"","breadcrumbs":[{"label":"Deployment"}]},{"id":"4LBhFClM3WzdFBcwYfjQ","title":"Installing Nanocorp n.Scope","pathname":"/n.scope-v2.0-english/deployment/installing-nanocorp-n.scope","siteSpaceId":"sitesp_ejXOD","emoji":"1f4e1","breadcrumbs":[{"label":"Deployment"}]},{"id":"mh1kKaGXgJg1XwVLH4hs","title":"Deploy n.Scope","pathname":"/n.scope-v2.0-english/deployment/installing-nanocorp-n.scope/deploy-n.scope","siteSpaceId":"sitesp_ejXOD","emoji":"1f453","breadcrumbs":[{"label":"Deployment"},{"label":"Installing Nanocorp n.Scope","emoji":"1f4e1"}]},{"id":"WXQbaCGqVF4eUF2nEEtd","title":"Deploy n.Probes, n.Rewind, n.Fusion","pathname":"/n.scope-v2.0-english/deployment/installing-nanocorp-n.scope/deploy-n.probes-n.rewind-n.fusion","siteSpaceId":"sitesp_ejXOD","emoji":"1fa9d","breadcrumbs":[{"label":"Deployment"},{"label":"Installing Nanocorp n.Scope","emoji":"1f4e1"}]},{"id":"prxKyEjIgY6NNQ7CYLGq","title":"Alerts","pathname":"/n.scope-v2.0-english/ressources/alerts","siteSpaceId":"sitesp_ejXOD","emoji":"1f526","breadcrumbs":[{"label":"Ressources"}]},{"id":"Hu2lQWyEshPq1L9wSxFH","title":"Command & Control","pathname":"/n.scope-v2.0-english/ressources/alerts/command-and-control","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"}]},{"id":"7iwJcqg7WnDz3E6VMls8","title":"CNC01 - Oversized UDP DNS","pathname":"/n.scope-v2.0-english/ressources/alerts/command-and-control/cnc01-oversized-udp-dns","siteSpaceId":"sitesp_ejXOD","description":"This template allows the detection and alerting when DNS packets are bigger than the RFC specification. This may be an indication of perimeter breach.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Command & Control"}]},{"id":"pYsacgsANuH36wAcQ0NO","title":"CNC02 - Protocols Ports Missmatch","pathname":"/n.scope-v2.0-english/ressources/alerts/command-and-control/cnc02-protocols-ports-missmatch","siteSpaceId":"sitesp_ejXOD","description":"This alert will trigger when an RFC-standardized protocol is detected using a non-standard UDP or TCP Port.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Command & Control"}]},{"id":"orqDby2U8L0t5kDAYduf","title":"CNC03 - BETA - Threat Intelligence Match","pathname":"/n.scope-v2.0-english/ressources/alerts/command-and-control/cnc03-beta-threat-intelligence-match","siteSpaceId":"sitesp_ejXOD","description":"This alert triggers when an internal asset exchange traffic with an IPv4, IPv6 address, or URL that are flagged malicious by a Threat Intelligence feed.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Command & Control"}]},{"id":"lSfHJLj1VOGyHtJBwNC5","title":"Denial of Service","pathname":"/n.scope-v2.0-english/ressources/alerts/denial-of-service","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"}]},{"id":"QHS0kAOUrfuKkRBZKawq","title":"DOS01 - DHCP Starvation","pathname":"/n.scope-v2.0-english/ressources/alerts/denial-of-service/dos01-dhcp-starvation","siteSpaceId":"sitesp_ejXOD","description":"This alert template triggers when a rapid sequence of DHCP request coming from an internal host is happening. This may be an indication of a DHCP Starvation attack.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Denial of Service"}]},{"id":"HKOrk0fpWd0SfdHKIJby","title":"DOS02 - AI Smart Alert - Distributed Denial of Service","pathname":"/n.scope-v2.0-english/ressources/alerts/denial-of-service/dos02-ai-smart-alert-distributed-denial-of-service","siteSpaceId":"sitesp_ejXOD","description":"This alert triggers when an incoming DDOS Attack is detected toward an asset of the organization.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Denial of Service"}]},{"id":"9NltShHAjCitSpzQxtDo","title":"DOS03 - Excessive ICMP Rate","pathname":"/n.scope-v2.0-english/ressources/alerts/denial-of-service/dos03-excessive-icmp-rate","siteSpaceId":"sitesp_ejXOD","description":"This alert template will trigger when an excessive amount of ICMP traffic is detected in the specified subnets.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Denial of Service"}]},{"id":"G4tKGHDsyEmiy0y1ZSPu","title":"Exfiltration","pathname":"/n.scope-v2.0-english/ressources/alerts/exfiltration","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"}]},{"id":"4ZcUdx6kObOKtmWWdrzB","title":"EXF01 - Deprecated TLS","pathname":"/n.scope-v2.0-english/ressources/alerts/exfiltration/exf01-deprecated-tls","siteSpaceId":"sitesp_ejXOD","description":"This template detected the use of deprecated or insecure versions of the SSL/TLS protocols’ cryptographic settings, which can expose systems to data interception.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Exfiltration"}]},{"id":"9MGzhHjRi3xp6MaFwYo4","title":"Initial Access","pathname":"/n.scope-v2.0-english/ressources/alerts/initial-access","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"}]},{"id":"e6q2JyafwG4ZsmKrmq9z","title":"IAC01 - Suspicious SSH Admin","pathname":"/n.scope-v2.0-english/ressources/alerts/initial-access/iac01-suspicious-ssh-admin","siteSpaceId":"sitesp_ejXOD","description":"This alert will trigger when an inbound SSH session from an external IP address is detected, which can be abused for Initial Access by a threat actor.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Initial Access"}]},{"id":"F5a1ZK7WZRwmwASqUsQg","title":"IAC02 - Unauthorized Application","pathname":"/n.scope-v2.0-english/ressources/alerts/initial-access/iac02-unauthorized-application","siteSpaceId":"sitesp_ejXOD","description":"This alert triggers when traffic is detected with a matching TLS certificate name.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Initial Access"}]},{"id":"ZnfXAnQWoWNq3jDzb6l2","title":"IAC03 - Malicious TLS Signatures","pathname":"/n.scope-v2.0-english/ressources/alerts/initial-access/iac03-malicious-tls-signatures","siteSpaceId":"sitesp_ejXOD","description":"This alert triggers when a malicious JA3/JA3S signature is detected in TLS traffic, both client-side and server-side.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Initial Access"}]},{"id":"F6SUSmVE2sJ2BkiQf2rC","title":"Reconnaissance","pathname":"/n.scope-v2.0-english/ressources/alerts/reconnaissance","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"}]},{"id":"Ik4NmQlHcudqlCQT77JB","title":"REC01 - Suspicious Port Scan","pathname":"/n.scope-v2.0-english/ressources/alerts/reconnaissance/rec01-suspicious-port-scan","siteSpaceId":"sitesp_ejXOD","description":"This alert triggers when detecting an internal host that is performing a serialized open port discovery on a target host, potentially indicating reconnaissance activities.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Reconnaissance"}]},{"id":"E26nJKYv0wExTnoGsUd4","title":"REC02 - BETA - AI Smart Alert - Suspicious Port Sweep","pathname":"/n.scope-v2.0-english/ressources/alerts/reconnaissance/rec02-beta-ai-smart-alert-suspicious-port-sweep","siteSpaceId":"sitesp_ejXOD","description":"Detecting an internal host that has attempted to reach a large number of internal IP addresses, but on a small number of ports.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Reconnaissance"}]},{"id":"V0D13hQAbdTM94pgk80E","title":"Security Policies","pathname":"/n.scope-v2.0-english/ressources/alerts/security-policies","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"}]},{"id":"QBRLZSRDt35wBgHijBRl","title":"NPC01 - Unwanted Protocol","pathname":"/n.scope-v2.0-english/ressources/alerts/security-policies/npc01-unwanted-protocol","siteSpaceId":"sitesp_ejXOD","description":"This template allows the detection and alerting when the probes see the specified protocol or set of protocols on one or multiple subnets.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Security Policies"}]},{"id":"3XEcUKNzLnCMXXfC3NWS","title":"NPC02 - Subnet Whitelist","pathname":"/n.scope-v2.0-english/ressources/alerts/security-policies/npc02-subnet-whitelist","siteSpaceId":"sitesp_ejXOD","description":"Use this alert to configure a virtual fence to enforce security policies in the organization’s network.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Security Policies"}]},{"id":"Cg3pYyekdonz4VmAYRXw","title":"NPC03 - Trusted Protocol","pathname":"/n.scope-v2.0-english/ressources/alerts/security-policies/npc03-trusted-protocol","siteSpaceId":"sitesp_ejXOD","description":"This template allows the detection and alerting when the probes does not see the specified protocol or set of protocols on one or multiple subnets.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Security Policies"}]},{"id":"mz6ez3oLwfi1kaRu2U0E","title":"NPC04 - Insecure Email Protocol","pathname":"/n.scope-v2.0-english/ressources/alerts/security-policies/npc04-insecure-email-protocol","siteSpaceId":"sitesp_ejXOD","description":"This template allows the detection of an insecure Email protocol (POP, SMTP, IMAP).","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Security Policies"}]},{"id":"eW8Fj8gEAHDDeYfhsItI","title":"NPC05 - Device Whitelist","pathname":"/n.scope-v2.0-english/ressources/alerts/security-policies/npc05-device-whitelist","siteSpaceId":"sitesp_ejXOD","description":"This alert template will trigger when, in a given network perimeter, trafic is detected that from unlisted IP address.","breadcrumbs":[{"label":"Ressources"},{"label":"Alerts","emoji":"1f526"},{"label":"Security Policies"}]},{"id":"KXpuC7lVpotrlGAQV82r","title":"Integrations","pathname":"/n.scope-v2.0-english/ressources/integrations","siteSpaceId":"sitesp_ejXOD","emoji":"1f50c","breadcrumbs":[{"label":"Ressources"}]},{"id":"qMcu9ZrDBbNLgtWQ4vF6","title":"Alerting","pathname":"/n.scope-v2.0-english/ressources/integrations/alerting","siteSpaceId":"sitesp_ejXOD","emoji":"1f6a6","breadcrumbs":[{"label":"Ressources"},{"label":"Integrations","emoji":"1f50c"}]},{"id":"DeqbSKuGQGN5iuGc5dPP","title":"Discord","pathname":"/n.scope-v2.0-english/ressources/integrations/alerting/discord","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Integrations","emoji":"1f50c"},{"label":"Alerting","emoji":"1f6a6"}]},{"id":"AsRTEYhrCtPz3xn1RAEi","title":"Slack","pathname":"/n.scope-v2.0-english/ressources/integrations/alerting/slack","siteSpaceId":"sitesp_ejXOD","breadcrumbs":[{"label":"Ressources"},{"label":"Integrations","emoji":"1f50c"},{"label":"Alerting","emoji":"1f6a6"}]},{"id":"Ps265qbCpdm3wEyoi4Te","title":"Cyber Threat Intelligence","pathname":"/n.scope-v2.0-english/ressources/integrations/cyber-threat-intelligence","siteSpaceId":"sitesp_ejXOD","emoji":"1f6f0","breadcrumbs":[{"label":"Ressources"},{"label":"Integrations","emoji":"1f50c"}]},{"id":"3kW1qo9Gr4h9tXd0tnTI","title":"Single-Sign-On","pathname":"/n.scope-v2.0-english/ressources/integrations/single-sign-on","siteSpaceId":"sitesp_ejXOD","emoji":"1f511","breadcrumbs":[{"label":"Ressources"},{"label":"Integrations","emoji":"1f50c"}]},{"id":"xeCYsjCz0C6naAGbRV5d","title":"Azure AD SSO","pathname":"/n.scope-v2.0-english/ressources/integrations/single-sign-on/azure-ad-sso","siteSpaceId":"sitesp_ejXOD","emoji":"1fa9f","breadcrumbs":[{"label":"Ressources"},{"label":"Integrations","emoji":"1f50c"},{"label":"Single-Sign-On","emoji":"1f511"}]},{"id":"GamvQv00BJj8IV3VkywK","title":"Network Protocols","pathname":"/n.scope-v2.0-english/ressources/network-protocols","siteSpaceId":"sitesp_ejXOD","emoji":"1f916","breadcrumbs":[{"label":"Ressources"}]}]}