Potential Buffer Overflow Attack Detected
Mar 11, 2024
Domain: Endpoint
OS: Linux
Use Case: Threat Detection
Tactic: Privilege Escalation
Tactic: Initial Access
Use Case: Vulnerability
Rule Type: Higher-Order Rule
GitHub UEBA - Multiple Alerts from a GitHub Account
Jan 22, 2024
Domain: Cloud
Use Case: Threat Detection
Use Case: UEBA
Tactic: Execution
Rule Type: Higher-Order Rule
Data Source: Github
Stolen Credentials Used to Login to Okta Account After MFA Reset
Dec 12, 2023
Tactic: Persistence
Use Case: Identity and Access Audit
Data Source: Okta
Data Source: Elastic Defend
Rule Type: Higher-Order Rule
Domain: Endpoint
Domain: Cloud
Unusual Discovery Signal Alert with Unusual Process Executable
Dec 7, 2023
Domain: Endpoint
OS: Windows
Use Case: Threat Detection
Tactic: Discovery
Rule Type: Higher-Order Rule
Unusual Discovery Signal Alert with Unusual Process Command Line
Oct 11, 2023
Domain: Endpoint
OS: Windows
Use Case: Threat Detection
Tactic: Discovery
Rule Type: Higher-Order Rule
Multiple Alerts in Different ATT&CK Tactics on a Single Host
Jun 22, 2023
Use Case: Threat Detection
Rule Type: Higher-Order Rule
Multiple Alerts Involving a User
Jun 22, 2023
Use Case: Threat Detection
Rule Type: Higher-Order Rule