Reasons
- Threat activity was observed from a single node only.
MITRE ATT&CK Mappings
- Tactics: Reconnaissance
- Techniques: T1595
Evidence
- Nodes observed: 1
- Severity: LOW
- TTL remaining: 4d 12h
Scenarios
- crowdsecurity/http-admin-interface-probing
- suspicious-probe
- crowdsecurity/http-probing
- crowdsecurity/http-sensitive-files