GitHub UEBA - Multiple Alerts from a GitHub Account
Dec 9, 2024
·
Domain: Cloud
Use Case: Threat Detection
Use Case: UEBA
Tactic: Execution
Rule Type: Higher-Order Rule
Data Source: Github
·
Stolen Credentials Used to Login to Okta Account After MFA Reset
Dec 9, 2024
·
Tactic: Persistence
Use Case: Identity and Access Audit
Data Source: Okta
Data Source: Elastic Defend
Rule Type: Higher-Order Rule
Domain: Endpoint
Domain: Cloud
·
Potential Widespread Malware Infection Across Multiple Hosts
Oct 10, 2024
·
Domain: Endpoint
Data Source: Elastic Defend
Use Case: Threat Detection
Tactic: Execution
Rule Type: Higher-Order Rule
·
Multiple Alerts in Different ATT&CK Tactics on a Single Host
May 22, 2024
·
Use Case: Threat Detection
Rule Type: Higher-Order Rule
·
Multiple Alerts Involving a User
May 22, 2024
·
Use Case: Threat Detection
Rule Type: Higher-Order Rule
·
Potential Buffer Overflow Attack Detected
May 22, 2024
·
Domain: Endpoint
OS: Linux
Use Case: Threat Detection
Tactic: Privilege Escalation
Tactic: Initial Access
Use Case: Vulnerability
Rule Type: Higher-Order Rule
·
Unusual Discovery Signal Alert with Unusual Process Command Line
May 22, 2024
·
Domain: Endpoint
OS: Windows
Use Case: Threat Detection
Tactic: Discovery
Rule Type: Higher-Order Rule
·
Unusual Discovery Signal Alert with Unusual Process Executable
May 22, 2024
·
Domain: Endpoint
OS: Windows
Use Case: Threat Detection
Tactic: Discovery
Rule Type: Higher-Order Rule