Vendor: Oracle

August 30, 2023 · View on GitHub

Product: Oracle Database

Rules	Models	MITRE ATT&CK® TTPs	Event Types	Parsers
18	10	1	2	2

Use-Case	Event Types/Parsers	MITRE ATT&CK® TTP	Content
Compromised Credentials	database-login ↳s-oracle-db-login ↳cef-syslog-oracle-db-login ↳q-oracle-db-login ↳s-oracle-db-logon ↳s-oracle-db-login-2 ↳oracle-db-login-2 ↳oracle-db-login-3 ↳oracle-db-login ↳s-oracle-db-login-1 ↳oracle-db-login-1 ↳s-oracle-db-activity-2 ↳oracle-database-login database-query ↳s-oracle-db-query ↳s-oracle-db-select-1 ↳oracle-db-query-1 ↳s-oracle-db-query-1 ↳cef-syslog-oracle-db-query ↳oracle-db-query-2 ↳oracle-db-query-3 ↳oracle-db-query-4 ↳oracle-db-query-5 ↳cef-oracle-db-query ↳oracle-db-insert ↳oracle-database-query-4 ↳oracle-db-query ↳q-oracle-db-query ↳siebel-db-query ↳s-oracle-db-execute-1	T1213 - Data from Information Repositories	18 Rules 10 Models
Data Access	database-login ↳s-oracle-db-login ↳cef-syslog-oracle-db-login ↳q-oracle-db-login ↳s-oracle-db-logon ↳s-oracle-db-login-2 ↳oracle-db-login-2 ↳oracle-db-login-3 ↳oracle-db-login ↳s-oracle-db-login-1 ↳oracle-db-login-1 ↳s-oracle-db-activity-2 ↳oracle-database-login database-query ↳s-oracle-db-query ↳s-oracle-db-select-1 ↳oracle-db-query-1 ↳s-oracle-db-query-1 ↳cef-syslog-oracle-db-query ↳oracle-db-query-2 ↳oracle-db-query-3 ↳oracle-db-query-4 ↳oracle-db-query-5 ↳cef-oracle-db-query ↳oracle-db-insert ↳oracle-database-query-4 ↳oracle-db-query ↳q-oracle-db-query ↳siebel-db-query ↳s-oracle-db-execute-1	T1213 - Data from Information Repositories	18 Rules 10 Models

MITRE ATT&CK® Framework for Enterprise

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
								Data from Information Repositories