2_ds_vmware_vmware_view.md
June 14, 2023 · View on GitHub
| Use-Case | Event Types/Parsers | MITRE ATT&CK® TTP | Content |
|---|---|---|---|
| Privilege Abuse | account-password-change ↳vmware-view-password-change app-activity ↳vmware-view-app-activity app-login ↳vmware-view-login ↳vmware-view-app-login failed-app-login ↳vmware-view-failed-login remote-logon ↳vmware-view-remote-logon-1 ↳vmware-view-remote-logon | T1078 - Valid Accounts T1078.002 - T1078.002 T1098 - Account Manipulation T1098.002 - Account Manipulation: Exchange Email Delegate Permissions |
|