Rules
Detect attempts to run vulnerability scanners, etc. based on the `Activate Attack Tool` pattern group.
Detects unauthorized China Mail Service access based on the `China Mail Service` pattern group.
Detect attempts to access cloud drives, web hards, etc. based on the `Cloud Storage and NAS` pattern group.
Detects unauthorized attempts to access cryptocurrency services based on the `Cryptocurrency Services` pattern group.
Detects unusual DDNS connections based on the `DDNS Service` pattern group.
Detects attempts to access domains with a high risk of information leakage based on the `Leak Risk Domains` pattern group.
Detects domain access used for remote control based on the `Remote Control Service` pattern group.
Detects torrent access attempts based on the `Torrent Service` pattern group.
Detects access to a `file sharing port` of the Internet.
Detects unauthorized Messenger access attempts based on the `Messenger Service` pattern group.
Detects VPN connection attempts based on the `VPN domain` pattern group.
Detects unauthorized webmail access attempts based on the `External Mail Service` pattern group.