Vendor: Proofpoint

June 14, 2023 · View on GitHub

Product: Proofpoint TAP/POD

RulesModelsMITRE ATT&CK® TTPsEvent TypesParsers
3816344
Use-CaseEvent Types/ParsersMITRE ATT&CK® TTPContent
Data Leakdlp-email-alert-out
proofpoint-email-4
proofpoint-email-5
q-proofpoint-email
proofpoint-email-6
proofpoint-email
proofpoint-dlp-email-from

dlp-email-alert-out-failed
proofpoint-email-4
proofpoint-email-5
q-proofpoint-email
proofpoint-email-6
proofpoint-email
proofpoint-dlp-email-from
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
  • 33 Rules
  • 15 Models
Malwaredlp-email-alert-in
proofpoint-email-4
proofpoint-email-5
q-proofpoint-email
proofpoint-email-6
proofpoint-email
proofpoint-dlp-email-from

dlp-email-alert-out
proofpoint-email-4
proofpoint-email-5
q-proofpoint-email
proofpoint-email-6
proofpoint-email
proofpoint-dlp-email-from
T1190 - Exploit Public Fasing Application
  • 1 Rules
Phishingdlp-email-alert-out
proofpoint-email-4
proofpoint-email-5
q-proofpoint-email
proofpoint-email-6
proofpoint-email
proofpoint-dlp-email-from
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
  • 1 Rules
  • 1 Models
Workforce Protectiondlp-email-alert-out
proofpoint-email-4
proofpoint-email-5
q-proofpoint-email
proofpoint-email-6
proofpoint-email
proofpoint-dlp-email-from
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
  • 4 Rules
  • 1 Models
Next Page -->>

MITRE ATT&CK® Framework for Enterprise

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Valid Accounts

Exploit Public Fasing Application

Valid Accounts

Valid Accounts

Valid Accounts

Exfiltration Over Alternative Protocol

Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol