Vendor: Proofpoint

June 14, 2023 · View on GitHub

Product: ObserveIT

Use-Case: Privileged Activity

RulesModelsMITRE ATT&CK® TTPsEvent TypesParsers
10111
Event TypeRulesModels
security-alertT1068 - Exploitation for Privilege Escalation
↳ ALERT-EXEC: Security violation by Executive

Contents

  1. 0.1Product: ObserveIT
  2. 0.2Use-Case: Privileged Activity