Monitor for web application attacks
Description:
Monitor inbound user agent strings into a GCP project to detect malicious security tools scanning web and API services.
Solution:
Project owner and/or users. Should verify if this is legitimate or malicious traffic. If this is malicious please implement a Network ACL deny on the incoming address. If this is legitimate traffic, please notify Cybersecurity - email: cybersec@columbia.edu
Reference:
https://attack.mitre.org/techniques/T1190/
https://www.cisecurity.org/controls/application-software-security/
, multiple selections available, Use left or right arrow keys to navigate selected items