Vendor: Cisco

June 14, 2023 · View on GitHub

Product: TACACS

Use-Case: Data Access

RulesModelsMITRE ATT&CK® TTPsEvent TypesParsers
20111
Event TypeRulesModels
process-createdT1003 - OS Credential Dumping
A-CP-Sensitive-Files: Copying sensitive files with credential data on this asset
CP-Sensitive-Files: Copying sensitive files with credential data