Vendor: Onapsis
June 14, 2023 · View on GitHub
Product: Onapsis
Use-Case: Privilege Abuse
| Rules | Models | MITRE ATT&CK® TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 2 | 0 | 1 | 2 | 2 |
| Event Type | Rules | Models |
|---|---|---|
| app-login | T1078 - Valid Accounts ↳ APP-Account-deactivated: Activity from a de-activated user account ↳ APP-F-SA-NC: New service account access to application | |
| failed-app-login | T1078 - Valid Accounts ↳ APP-Account-deactivated: Activity from a de-activated user account |