UBA : MaaS360 malicious URL accessed

The QRadar® User Behavior Analytics (UBA) app supports use cases based on rules for certain behavioral anomalies.

UBA : MaaS360 malicious URL accessed

Enabled by default

False

Default senseValue

15

Description

Detect phishing links clicked from iOS and Android devices irrespective of the source.

Required configuration

IBM MaaS360 Security DSM and events.

Support rule

BB:UBA : Common Event Filters

Log source types

IBM MaaS360 Security (Event ID: MALICIOUS_URL with Event Category : THREAT)