Rules by Product and UseCase

May 13, 2026 · View on GitHub

Rules	Models	MITRE ATT&CK® TTPs	Activity Types	Parsers
1	0	3	1	2

Event Type	Rules	Models
file-delete	T1070 - Indicator Removal on Host ↳ FA-UH-CRIT: File deletion on a critical system T1070.004 - Indicator Removal on Host: File Deletion ↳ FA-UH-CRIT: File deletion on a critical system T1485 - Data Destruction ↳ FA-UH-CRIT: File deletion on a critical system

Vendor: