Vendor: LogRhythm
April 15, 2026 · View on GitHub
Product: NetMon
| Rules | Models | MITRE ATT&CK® TTPs | Activity Types | Parsers |
|---|---|---|---|---|
| 81 | 31 | 9 | 3 | 4 |
| Use-Case | Activity Types/Parsers | MITRE ATT&CK® TTP | Content |
|---|---|---|---|
| Compromised Credentials | network-alert ↳logrhythm-netmon-json-rule-trigger-success-005 ↳logrhythm-netmon-csv-rule-trigger-success-010 ↳logrhythm-netmon-csv-rule-trigger-success-005 | T1027 - Obfuscated Files or Information T1027.005 - Obfuscated Files or Information: Indicator Removal from Tools T1190 - Exploit Public Fasing Application |
|
| Lateral Movement | network-connection-failed ↳logrhythm-netmon-csv-network-close-success-003 ↳logrhythm-netmon-json-network-close-success-003 network-connection-successful ↳logrhythm-netmon-json-network-session-success-001 ↳logrhythm-netmon-csv-network-session-success-001 | T1071 - Application Layer Protocol T1090 - Proxy T1090.003 - Proxy: Multi-hop Proxy T1190 - Exploit Public Fasing Application TA0010 - TA0010 TA0011 - TA0011 |
|
| Next Page -->> |
MITRE ATT&CK® Framework for Enterprise
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Exploit Public Fasing Application | Obfuscated Files or Information: Indicator Removal from Tools Obfuscated Files or Information | Proxy: Multi-hop Proxy Application Layer Protocol Proxy |