Product: IBM Sterling B2B Integrator
Use-Case: Executive Account Activity
| Rules | Models | MITRE TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 2 | 1 | 2 | 2 | 2 |
| Event Type | Rules | Models |
|---|---|---|
| failed-logon | T1068 - Exploitation for Privilege Escalation ↳ ALERT-EXEC: Security violation by Executive |
|
| remote-logon | T1078 - Valid Accounts ↳ AL-HT-EXEC-new: New user logon to executive asset T1068 - Exploitation for Privilege Escalation ↳ ALERT-EXEC: Security violation by Executive |
• AL-HT-EXEC: Executive Assets |