Rules by Product and UseCase

April 15, 2026 · View on GitHub

Vendor: Commvault

Product: Commvault

Use-Case: Malware

RulesModelsMITRE ATT&CK® TTPsActivity TypesParsers
10110
Event TypeRulesModels
app-loginT1078 - Valid Accounts
↳ Auth-Blacklist-Shost: User authentication or login from a known blacklisted IP

Contents

  1. 1Vendor: Commvault
  2. 1.1Product: Commvault
  3. 1.2Use-Case: Malware