Sharepoint Rules
2 detection rules in this category.
| Rule | Severity | MITRE | Source |
|---|---|---|---|
| Anonymous link created | High | T1567 | AuditLog |
| File malware detected | Critical | T1204.002 | AuditLog |
Anonymous link created
| Property | Value |
|---|---|
| Severity | 🟠 High |
| Source | AuditLog |
| MITRE | T1567 (Exfiltration) |
Anonymous sharing link created - data exposure risk
Conditions
- Match: all
OperationEqualsAnonymousLinkCreated
File malware detected
| Property | Value |
|---|---|
| Severity | 🔴 Critical |
| Source | AuditLog |
| MITRE | T1204.002 (Execution) |
Malware detected in uploaded file
Conditions
- Match: all
OperationEqualsFileMalwareDetected