- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Tactic:
Detects when a known security tool performs a scan against your services.
The detection rule identifies known security scanners by using common fingerprints associated with the scanners.
The signal severity is set to LOW
because those tools are mostly used during the discovery phase.
The severity is raised to MEDIUM
if multiple distinct security tools are detected. This may indicate broader reconnaissance against your systems.
If the tool discovers a vulnerability, a HIGH
severity signal is emitted.