diff --git a/datasets/suspicious_behaviour/alerts/cisco_secure_app_alerts.log b/datasets/suspicious_behaviour/alerts/cisco_secure_app_alerts.log
new file mode 100644
index 00000000..1567fc5e
--- /dev/null
+++ b/datasets/suspicious_behaviour/alerts/cisco_secure_app_alerts.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5f0085892bb50f84cdd9d1d39d45ba888238f4e80820f8da08d82753cca8cfba
+size 6085
diff --git a/datasets/suspicious_behaviour/alerts/cisco_secure_app_alerts.yml b/datasets/suspicious_behaviour/alerts/cisco_secure_app_alerts.yml
new file mode 100644
index 00000000..a9df5bdf
--- /dev/null
+++ b/datasets/suspicious_behaviour/alerts/cisco_secure_app_alerts.yml
@@ -0,0 +1,11 @@
+author: Bhavin Patel
+id: ab41e678-3b34-41ac-ab8e-1eb1ea545c4e
+date: '2024-10-24'
+description: This dataset is from a demo environment for Cisco Secure App alerts with sourcetype appdynamics_security
+environment: NA
+dataset:
+- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/suspicious_behaviour/alerts/cisco_secure_app_alerts.log
+sourcetypes:
+- appdynamics_security
+references:
+- https://docs.splunk.com/Documentation/AddOns/released/MSSecurity/Sourcetypes
\ No newline at end of file