Who Me Too'd this topic

Who Me Too'd this topic

L1 Bithead

Timeframes for BIOC rules

It'd be very useful for things like failed logons or network connection attempts if BIOC rules could utilise timeframes.

 

Is this on the roadmap?

 

It could work well if this was done in a similar way to NGFW → OBJECTS → Custom Objects → Vulnerability → <object> → Signatures → Combination → Time Attribute:

2020 ∕ 09 ∕ 23 10꞉52꞉33 - PA_LAB_-_Google_Chrome.png

Who Me Too'd this topic