Vendor: Sybase

November 29, 2023 · View on GitHub

Product: Sybase

RulesModelsMITRE ATT&CK® TTPsActivity TypesParsers
5022522
Use-CaseActivity Types/ParsersMITRE ATT&CK® TTPContent
Abnormal Authentication & Accessapp-login
sybase-s-json-database-logout-logout
T1078 - Valid Accounts
T1133 - External Remote Services
  • 12 Rules
  • 4 Models
Compromised Credentialsapp-login
sybase-s-json-database-logout-logout

database-login
sybase-s-cef-database-login-success-login
sybase-s-json-database-login-success-login
T1078 - Valid Accounts
T1133 - External Remote Services
T1190 - Exploit Public Fasing Application
T1213 - Data from Information Repositories
  • 37 Rules
  • 21 Models
Data Accessapp-login
sybase-s-json-database-logout-logout

database-login
sybase-s-cef-database-login-success-login
sybase-s-json-database-login-success-login
T1078 - Valid Accounts
T1213 - Data from Information Repositories
  • 15 Rules
  • 9 Models
Lateral Movementapp-login
sybase-s-json-database-logout-logout
T1090.003 - Proxy: Multi-hop Proxy
  • 1 Rules
Malwareapp-login
sybase-s-json-database-logout-logout
T1078 - Valid Accounts
  • 1 Rules
Privilege Abuseapp-login
sybase-s-json-database-logout-logout
T1078 - Valid Accounts
  • 2 Rules
Privileged Activityapp-login
sybase-s-json-database-logout-logout
T1078 - Valid Accounts
  • 1 Rules
Ransomwareapp-login
sybase-s-json-database-logout-logout
T1078 - Valid Accounts
  • 1 Rules

MITRE ATT&CK® Framework for Enterprise

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
External Remote Services

Valid Accounts

Exploit Public Fasing Application

External Remote Services

Valid Accounts

Valid Accounts

Valid Accounts

Data from Information Repositories

Proxy: Multi-hop Proxy

Proxy