Rules by Product and UseCase
April 15, 2026 · View on GitHub
Vendor: StealthBits
Product: StealthIntercept
Use-Case: Privilege Abuse
| Rules | Models | MITRE ATT&CK® TTPs | Activity Types | Parsers |
|---|---|---|---|---|
| 2 | 2 | 1 | 1 | 0 |
| Event Type | Rules | Models |
|---|---|---|
| ds-access | T1484 - Group Policy Modification ↳ DS-APRIV: Non-Privileged user accessing privileged directory service attribute ↳ DS-UA: First access to attribute for privileged user | • DS-UA: Attributes per privileged user • DS-APRIV: Privileged user attributes |