Security Command Center analyzes various logs for potential threats that affect network resources. For recommended responses to these threats, see Respond to network threat findings .
The following log-based detections are available with Event Threat Detection :
Active Scan: Log4j Vulnerable to RCE
Cloud IDS: THREAT_IDENTIFIER
Command and Control: DNS Tunneling
Defense Evasion: VPC Route Masquerade Attempt
Impact: VPC Firewall High Priority Block
Impact: VPC Firewall Mass Rule Deletion
Initial Access: Log4j Compromise Attempt
Log4j Malware: Bad Domain
Log4j Malware: Bad IP
Malware: bad domain
Malware: bad IP
Malware: Cryptomining Bad Domain
Malware: Cryptomining Bad IP
What's next
- Learn about Event Threat Detection .
- Learn how to respond to network threat findings .
- Refer to the Threat findings index .
