Vendor: TXOne Networks

April 15, 2026 · View on GitHub

Product: StellarProtect

RulesModelsMITRE ATT&CK® TTPsActivity TypesParsers
85371121
Use-CaseActivity Types/ParsersMITRE ATT&CK® TTPContent
Abnormal Authentication & Accessapp-activity
txone-stlrp-cef-app-activity-success-catchall
T1078 - Valid Accounts
T1133 - External Remote Services
  • 12 Rules
  • 4 Models
Account Manipulationapp-activity
txone-stlrp-cef-app-activity-success-catchall
T1098 - Account Manipulation
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
  • 3 Rules
  • 1 Models
Compromised Credentialsapp-activity
txone-stlrp-cef-app-activity-success-catchall

security-alert
txone-stlrp-cef-app-activity-success-catchall
txone-stlrp-cef-app-activity-success-catchall
T1027 - Obfuscated Files or Information
T1027.005 - Obfuscated Files or Information: Indicator Removal from Tools
T1078 - Valid Accounts
T1133 - External Remote Services
T1190 - Exploit Public Fasing Application
  • 62 Rules
  • 33 Models
Data Accessapp-activity
txone-stlrp-cef-app-activity-success-catchall
T1078 - Valid Accounts
  • 19 Rules
  • 11 Models
Data Leakapp-activity
txone-stlrp-cef-app-activity-success-catchall
T1114 - Email Collection
T1114.003 - Email Collection: Email Forwarding Rule
  • 3 Rules
Lateral Movementsecurity-alert
txone-stlrp-cef-app-activity-success-catchall
txone-stlrp-cef-app-activity-success-catchall
T1027 - Obfuscated Files or Information
T1027.005 - Obfuscated Files or Information: Indicator Removal from Tools
  • 2 Rules
Malwaresecurity-alert
txone-stlrp-cef-app-activity-success-catchall
txone-stlrp-cef-app-activity-success-catchall
TA0002 - TA0002
  • 4 Rules
  • 2 Models
Privilege Abuseapp-activity
txone-stlrp-cef-app-activity-success-catchall
T1078 - Valid Accounts
T1098 - Account Manipulation
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
  • 6 Rules
  • 2 Models
Privilege Escalationapp-activity
txone-stlrp-cef-app-activity-success-catchall
T1098 - Account Manipulation
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
  • 3 Rules
  • 1 Models
Privileged Activityapp-activity
txone-stlrp-cef-app-activity-success-catchall

security-alert
txone-stlrp-cef-app-activity-success-catchall
txone-stlrp-cef-app-activity-success-catchall
T1068 - Exploitation for Privilege Escalation
T1078 - Valid Accounts
  • 3 Rules
  • 1 Models

MITRE ATT&CK® Framework for Enterprise

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
External Remote Services

Valid Accounts

Exploit Public Fasing Application

External Remote Services

Valid Accounts

Account Manipulation

Account Manipulation: Exchange Email Delegate Permissions

Valid Accounts

Exploitation for Privilege Escalation

Obfuscated Files or Information: Indicator Removal from Tools

Valid Accounts

Obfuscated Files or Information

Email Collection

Email Collection: Email Forwarding Rule