open-menu
closeme
First Time Seen Removable Device
calendar
Sep 5, 2023
·
Domain: Endpoint
OS: Windows
Use Case: Threat Detection
Tactic: Initial Access
Tactic: Exfiltration
Data Source: Elastic Endgame
Data Source: Elastic Defend
·
Share on:
twitter
facebook
linkedin
copy
AWS EC2 Full Network Packet Capture Detected
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: AWS
Data Source: Amazon Web Services
Use Case: Network Security Monitoring
Tactic: Exfiltration
Tactic: Collection
·
Share on:
twitter
facebook
linkedin
copy
AWS EC2 Snapshot Activity
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: AWS
Data Source: Amazon Web Services
Use Case: Asset Visibility
Tactic: Exfiltration
Resources: Investigation Guide
·
Share on:
twitter
facebook
linkedin
copy
AWS EC2 VM Export Failure
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: AWS
Data Source: Amazon Web Services
Use Case: Asset Visibility
Tactic: Exfiltration
Tactic: Collection
·
Share on:
twitter
facebook
linkedin
copy
AWS RDS Snapshot Export
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: AWS
Data Source: Amazon Web Services
Use Case: Asset Visibility
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
GCP Logging Sink Modification
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: GCP
Data Source: Google Cloud Platform
Use Case: Log Auditing
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Transport Rule Creation
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Transport Rule Modification
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Mass download by a single user
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
to-top