Rule 1
Status	Active
Alert Message	Atomicorp Threat Intel event

Contents 1 Description 1.1 What you should do 2 Troubleshooting 2.1 False Positives 2.2 Tuning Guidance 3 Additional Information 3.1 Support 3.2 Similar Rules 3.3 Knowledge Base Articles 3.4 Outside References 3.5 Notes

Description

The source IP address was detected on the Atomicorp Threat Intel Category 3 list. Category 3 sources are known active brute force attackers.

What you should do

This means a known attack source is attempting to brute force your environment. These sources can be blocked automatically using active response.

Troubleshooting

False Positives

There are no false positives with this rule.

Tuning Guidance

There is no guidance for tuning this rule, this is a generic event and the rule should not be disabled.

Additional Information

Support

If you are unsure about how to respond to this alert, please contact Atomicorp support. We're here to help you!

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Notes