For details on cookie usage on our site, read our Privacy Policy
Behavioral threat detected (rule: bioc.syscall.remote banker behavior)
- LIVEcommunity
- Discussions
- Security Operations
- Cortex XDR Discussions
- Re: Behavioral threat detected (rule: bioc.syscall.remote banker behavior)
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Behavioral threat detected (rule: bioc.syscall.remote banker behavior)
- Mark as New
- Subscribe to RSS Feed
- Permalink
11-08-2020 03:47 PM
Hi Guys,
In the Cortex XDR, we are getting an alert indicating Behavioral threat detected (rule: bioc.syscall.remote banker behavior). Although the file is blocked which is benign, the is no information related to the rule. Does anyone have a clear idea about the rule?
Regards
- Mark as New
- Subscribe to RSS Feed
- Permalink
05-19-2021 06:18 PM
Hi KRisselada,
You cannot find any list of BIOC rules per my knowledge and a follow up with Palo Engineers. These are preconfigured rules from Palo Alto Networks with no intention to share (if they share, protection would go undermine).
Regards
- Global Exceptions in Cortex XDR Discussions
- Firewall logs to Cortex Data Lake log buffering in Cortex XDR Discussions
- XDR DNS Query Non-Existant Domain (Internal domain) in Cortex XDR Discussions
- In the ServiceNow V2 integration, mirrored attachments are not visible on the layout. in Cortex XSOAR Discussions
- Compile Payload Source Code Locally in Cortex XDR Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
