Vendor: Imperva

April 15, 2026 · View on GitHub

Product: Imperva Incapsula

RulesModelsMITRE ATT&CK® TTPsActivity TypesParsers
130532632
Use-CaseActivity Types/ParsersMITRE ATT&CK® TTPContent
Abnormal Authentication & Accessapp-activity
imperva-incapsula-leef-http-session-siemintegration
imperva-incapsula-cef-http-session-ddos
imperva-incapsula-cef-http-session-siemintegration

web-activity-allowed
imperva-incapsula-leef-http-session-siemintegration
imperva-incapsula-cef-http-session-ddos
imperva-incapsula-cef-http-session-siemintegration

web-activity-denied
imperva-incapsula-leef-http-session-siemintegration
imperva-incapsula-cef-http-session-ddos
imperva-incapsula-cef-http-session-siemintegration
T1071 - Application Layer Protocol
T1071.001 - Application Layer Protocol: Web Protocols
T1078 - Valid Accounts
T1133 - External Remote Services
  • 18 Rules
  • 10 Models
Account Manipulationapp-activity
imperva-incapsula-leef-http-session-siemintegration
imperva-incapsula-cef-http-session-ddos
imperva-incapsula-cef-http-session-siemintegration
T1098 - Account Manipulation
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
  • 3 Rules
  • 1 Models
Data Accessapp-activity
imperva-incapsula-leef-http-session-siemintegration
imperva-incapsula-cef-http-session-ddos
imperva-incapsula-cef-http-session-siemintegration
T1078 - Valid Accounts
  • 19 Rules
  • 11 Models
Privilege Escalationapp-activity
imperva-incapsula-leef-http-session-siemintegration
imperva-incapsula-cef-http-session-ddos
imperva-incapsula-cef-http-session-siemintegration
T1098 - Account Manipulation
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
  • 3 Rules
  • 1 Models
Workforce Protectionweb-activity-allowed
imperva-incapsula-leef-http-session-siemintegration
imperva-incapsula-cef-http-session-ddos
imperva-incapsula-cef-http-session-siemintegration
T1071 - Application Layer Protocol
T1071.001 - Application Layer Protocol: Web Protocols
  • 4 Rules
  • 2 Models
Next Page -->>

MITRE ATT&CK® Framework for Enterprise

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Phishing: Spearphishing Link

External Remote Services

Valid Accounts

Drive-by Compromise

Exploit Public Fasing Application

Phishing

User Execution

External Remote Services

Valid Accounts

Account Manipulation

Account Manipulation: Exchange Email Delegate Permissions

Valid Accounts

Valid Accounts

Internal Spearphishing

Email Collection

Email Collection: Email Forwarding Rule

Web Service

Application Layer Protocol: Web Protocols

Dynamic Resolution

Dynamic Resolution: Domain Generation Algorithms

Proxy: Multi-hop Proxy

Application Layer Protocol

Proxy

Exfiltration Over C2 Channel

Exfiltration Over Web Service: Exfiltration to Cloud Storage

Exfiltration Over Web Service

Resource Hijacking