| Abnormal Authentication & Access | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
| T1078 - Valid Accounts
T1133 - External Remote Services
| |
| Compromised Credentials | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
| T1078 - Valid Accounts
T1133 - External Remote Services
T1190 - Exploit Public Fasing Application
| |
| Data Access | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
| T1078 - Valid Accounts
| |
| Evasion | registry-write
↳securelink-s-kv-app-activity-appactivity
| T1564.001 - T1564.001
T1564.002 - T1564.002
| |
| Lateral Movement | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
| T1090.003 - Proxy: Multi-hop Proxy
| |
| Malware | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
registry-write
↳securelink-s-kv-app-activity-appactivity
| T1078 - Valid Accounts
T1112 - Modify Registry
T1547.001 - T1547.001
T1574.010 - T1574.010
T1574.011 - T1574.011
| |
| Privilege Abuse | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
| T1078 - Valid Accounts
| |
| Privileged Activity | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
| T1078 - Valid Accounts
| |
| Ransomware | app-login
↳securelink-s-str-app-logout-disconnectedfrom
↳securelink-s-kv-app-logout-logout
| T1078 - Valid Accounts
| |