Healthcare (OT) - AI Engine Rules

| AIE Rule ID | AIE Rule Name | AIE Rule Description |
|---|---|---|
| 1567 | HC: Account Added To Privileged Group | Observes for an account added to an admin/privileged user group. |
| 1568 | HC: Admin Password Modified | Observes for an admin/privileged user password modification. |
| 1569 | HC: Crit Application Config Change | Observes for changes to critical application configurations. |
| 1570 | HC: Crit Backup Failure | Observes for failed critical backup events. |
| 1571 | HC: Crit Database Config Change | Observes for changes to critical database configurations. |
| 1572 | HC: Crit Net Access Config Change | Observes for changes to critical network access configurations. |
| 1573 | HC: Crit Service Stopped | Observes for critical service stop events that are not followed by service start events. |
| 1574 | HC: Crit System Config Change | Observes for changes to critical system configurations. |
| 1575 | HC: Crit System Shutdown | Observes for critical system shutdowns that are not followed by startup activity. |
| 1576 | HC: Data Copy To Removable Device | Observes for data transfer to a removable device (e.g., USB drive). |
| 1577 | HC: Default Or Weak Password | Observes for a default or weak password. |
| 1578 | HC: Device Modified | Observes for device modifications. |
| 1579 | HC: Device Sent Plaintext Credentials | Observes for device transmission of a plaintext password. |
| 1580 | HC: Device Software Vulnerability | Observes for device software vulnerabilities. |
| 1581 | HC: Door Access Granted | Observes for successful door authentications. |
| 1582 | HC: Expired Certificate | Observes for an expired TLS certificate. |
| 1583 | HC: File Deletion Activity | Observes for file deletions. |
| 1584 | HC: Firmware Change | Observes for device firmware changes. |
| 1585 | HC: Malicious IP | Observes for device communication with a destination IP flagged as potentially malicious. |
| 1586 | HC: Multiple Account Lockouts | Observes for an account locked out multiple times (>=3) per hour. |
| 1587 | HC: Multiple Door Access Failures | Observes for multiple failed door authentications. |
| 1588 | HC: New Hardware Detected | Observes for connection of a new external device (e.g., USB drive, keyboard, mouse) to a system. |
| 1589 | HC: New Medical Device | Observes for a newly discovered medical device (e.g., infusion pump). |
| 1590 | HC: Sensor Connected/Disconnected | Observes for sensor connections/disconnections. |
| 1591 | HC: SMBv1 Communication | Observes for device communication over SMBv1. |
| 1592 | HC: Software Install/Update Failure | Observes for failed software installations/updates. |
| 1593 | HC: Software Installed/Updated | Observes for successful software installations/updates. |
| 1594 | HC: System Time Changed | Observes for system time changes. |
| 1595 | HC: User Account Created | Observes for creation of a new user account. |
| 1596 | HC: Vulnerability Scan Event | Observes for vulnerability scans. |