Product: IBM Sterling B2B Integrator
Use-Case: Executive Account Activity
Rules | Models | MITRE TTPs | Event Types | Parsers |
---|---|---|---|---|
2 | 1 | 2 | 2 | 2 |
Event Type | Rules | Models |
---|---|---|
failed-logon | T1068 - Exploitation for Privilege Escalation ↳ ALERT-EXEC: Security violation by Executive |
|
remote-logon | T1078 - Valid Accounts ↳ AL-HT-EXEC-new: New user logon to executive asset T1068 - Exploitation for Privilege Escalation ↳ ALERT-EXEC: Security violation by Executive |
• AL-HT-EXEC: Executive Assets |