Detection Capabilities
ASPM detects the following vulnerability scanning and vulnerability exploitation behaviors:

| No. | Threat Detection Rules | Business Security Detection Rules |
|---|---|---|
| 1 | SQL Injection | API Unauthorized |
| 2 | Command Execution | Account Credential Expired |
| 3 | SSRF | Account Not Enabled |
| 4 | XXE | Account Expired |
| 5 | XSS | Account Locked |
| 6 | File Operations | Execute System Commands |
| 7 | Freemarker Template Injection | Outbound Requests |
| 8 | Nashorn Expression Injection | Delete System Files |
| 9 | JinJava Template Injection | Modify System Files |
| 10 | Rhino Template Injection | Read System Files |
| 11 | Velocity Template Injection | Read System Files |
| 12 | Java Native Deserialization | Password Reset |
| 13 | Flex Deserialization | Malicious Registration |
| 14 | Castor Deserialization | Brute Force |
| 15 | Fastjson Deserialization | Credential Stuffing |
| 16 | Hessian Deserialization | Interface Abuse |
| 17 | Jackson Deserialization | Ticket Scalping |
| 18 | JSON-IO Deserialization | Abnormal High-Frequency API Access |
| 19 | Jyaml Deserialization | Web Scraping |
| 20 | Kryo Deserialization | SMS Bombing |
| 21 | Log4j Deserialization | Credit Card Credential Stuffing |
| 22 | Red5 Deserialization | ......... |
| 23 | Snakeyaml Deserialization | |
| 24 | BeansXml Deserialization | |
| 25 | Xmldecode Deserialization | |
| 26 | Xstream Deserialization | |
| 27 | YamlBeans Deserialization | |
| 28 | Fastjson Baseline Check | |
| 29 | Tomcat Directory Traversal Baseline Check | |
| 30 | EL Expression Injection | |
| 31 | Freemarker Injection | |
| 32 | Jexl Expression Injection | |
| 33 | Jxpath Expression Injection | |
| 34 | Mvel Expression Injection | |
| 35 | OGNL Expression Injection | |
| 36 | QLExpression Injection | |
| 37 | ScriptEngine Expression Injection | |
| 38 | SPEL Expression Injection | |
| 39 | Nexus CVE-2024-4956 Arbitrary File Read | |
| 40 | GlassFish Memory Shell | |
| 41 | Jetty Memory Shell | |
| 42 | Resin Memory Shell | |
| 43 | Spring MVC Interceptor Memory Shell | |
| 44 | Spring MVC Controller Memory Shell | |
| 45 | Tomcat Memory Shell | |
| 46 | Weblogic Memory Shell | |
| 47 | WebSocket Memory Shell | |
| 48 | WebSphere Memory Shell | |
| 49 | Dubbo Memory Shell | |
| 50 | WildFly Memory Shell | |
| 51 | Groovy Command Execution | |
| 52 | Godzilla Detection | |
| 53 | Behinder Detection | |
| 54 | Sensitive Information Detection | |
| 55 | Business Risk Identification | |
| 56 | SQL Weak Password Baseline Check | |
| 57 | Proactive Memory Shell Monitoring | |
| 58 | Shiro User Identity Collection | |
| 59 | Spring Security User Identity Collection | |
| 60 | Spring Security Unauthorized Detection | |
| 61 | Spring Actuator Unauthorized | |