{"allTime":{"count":38,"items":[{"ruleId":"SSRF_ADVANCED","hitCount":32},{"ruleId":"THREAT_CHAIN_DATA_EXFILTRATION","hitCount":31},{"ruleId":"THREAT_CHAIN_PERSISTENCE_WITH_THEFT","hitCount":23},{"ruleId":"CRED_ENV_READ","hitCount":22},{"ruleId":"CMD_INJECTION","hitCount":16},{"ruleId":"STRUCT_READ_EXFIL","hitCount":15},{"ruleId":"DATA_EXFIL","hitCount":15},{"ruleId":"URL_SUSPICIOUS","hitCount":14},{"ruleId":"SHELL_EXEC","hitCount":14},{"ruleId":"SSRF_PATTERN","hitCount":13},{"ruleId":"CROSS_TOOL_ACCESS","hitCount":12},{"ruleId":"TOOL_POISONING","hitCount":11},{"ruleId":"CRYPTO_THEFT","hitCount":10},{"ruleId":"THREAT_CHAIN_AGENT_MANIPULATION","hitCount":9},{"ruleId":"THREAT_CHAIN_SYSTEM_COMPROMISE","hitCount":7},{"ruleId":"A2A_TASK_HIJACK","hitCount":6},{"ruleId":"THREAT_CHAIN_CREDENTIAL_OBFUSCATION","hitCount":6},{"ruleId":"REVERSE_SHELL","hitCount":6},{"ruleId":"A2A_CROSS_AGENT_INJECT","hitCount":6},{"ruleId":"A2A_DATA_LEAK","hitCount":5},{"ruleId":"AGENT_MEMORY_MOD","hitCount":5},{"ruleId":"DNS_REBIND","hitCount":4},{"ruleId":"URL_RAW_IP","hitCount":4},{"ruleId":"NET_SUSPICIOUS","hitCount":3},{"ruleId":"THREAT_CHAIN_SESSION_HIJACKING","hitCount":3},{"ruleId":"INTENT_SECURITY_DISABLE_INTENT","hitCount":2},{"ruleId":"XSS_INJECTION","hitCount":2},{"ruleId":"PROMPT_INJECT","hitCount":2},{"ruleId":"THREAT_CHAIN_COMMAND_AND_CONTROL","hitCount":2},{"ruleId":"SUPPLY_CHAIN","hitCount":2},{"ruleId":"THREAT_CHAIN_DROPPER_BEHAVIOR","hitCount":2},{"ruleId":"CONTAINER_ESCAPE","hitCount":1},{"ruleId":"THREAT_CHAIN_STAGED_EXFILTRATION","hitCount":1},{"ruleId":"EXFIL_COVERT","hitCount":1},{"ruleId":"INTENT_MALWARE_INSTALL_INTENT","hitCount":1},{"ruleId":"INTENT_EXPLICIT_EXFILTRATION","hitCount":1},{"ruleId":"PERSISTENCE","hitCount":1},{"ruleId":"A2A_AGENT_IMPERSONATION","hitCount":1}]},"today":{"count":0,"items":[]}}