Vendor: NetApp

Product: NetApp

Rules	Models	MITRE ATT&CK® TTPs	Activity Types	Parsers
30	15	6	2	0

Use-Case	Activity Types/Parsers	MITRE ATT&CK® TTP	Content
Compromised Credentials	file-delete ↳netapp-n-xml-file-delete-success-4660	T1083 - File and Directory Discovery	24 Rules 13 Models
Data Access	file-delete ↳netapp-n-xml-file-delete-success-4660	T1083 - File and Directory Discovery	24 Rules 13 Models
Data Exfiltration	file-alert ↳netapp-n-xml-alert-trigger-success-4656	TA0002 - TA0002	2 Rules 1 Models
Destruction of Data	file-delete ↳netapp-n-xml-file-delete-success-4660	T1070 - Indicator Removal on Host T1070.004 - Indicator Removal on Host: File Deletion T1485 - Data Destruction	1 Rules
Malware	file-alert ↳netapp-n-xml-alert-trigger-success-4656	TA0002 - TA0002	2 Rules 1 Models
Privilege Abuse	file-alert ↳netapp-n-xml-alert-trigger-success-4656 file-delete ↳netapp-n-xml-file-delete-success-4660	T1078 - Valid Accounts	1 Rules
Privileged Activity	file-alert ↳netapp-n-xml-alert-trigger-success-4656 file-delete ↳netapp-n-xml-file-delete-success-4660	T1078 - Valid Accounts	1 Rules

MITRE ATT&CK® Framework for Enterprise

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Valid Accounts		Valid Accounts	Valid Accounts	Indicator Removal on Host: File Deletion Valid Accounts Indicator Removal on Host		File and Directory Discovery					Data Destruction