DET0740 Detection of Exploit Public-Facing Application

Technique Detected: T0819 (Exploit Public-Facing Application)

Analytics

ICS

AN1873

Detecting software exploitation may be difficult depending on the tools available. Software exploits may not always succeed or may cause the exploited process to become unstable or crash. Web Application Firewalls may detect improper inputs attempting exploitation. Use deep packet inspection to look for artifacts of common exploit traffic, such as known payloads.

Log Sources

Mutable Elements