# AN1921 — Detection of Block Reporting Message (ICS) ## Descrição Analítico para detecção de — na plataforma ICS. **Plataformas:** ICS --- ### Fontes de Log | Fonte | Detalhe | |-------|--------| | Process/Event Alarm (DC0109) | Operational Databases | | Process Termination (DC0033) | Process | | Application Log Content (DC0038) | Application Log | | Network Traffic Flow (DC0078) | Network Traffic | | Process History/Live Data (DC0107) | Operational Databases | ### Data Components Utilizados - [[dc0033-process-termination|DC0033]] - [[dc0038-application-log-content|DC0038]] - [[dc0078-network-traffic-flow|DC0078]] - [[dc0107|DC0107]] - [[dc0109|DC0109]] --- *Fonte: [MITRE ATT&CK — AN1921](https://attack.mitre.org/detectionstrategies/DET0789#AN1921)*