3rd Party Security Alerts |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1027.005 - Obfuscated Files or Information: Indicator Removal from Tools T1059.001 - Command and Scripting Interperter: PowerShell T1071.001 - Application Layer Protocol: Web Protocols T1078 - Valid Accounts
|
|
Abnormal Application Access |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts
|
|
Abnormal Authentication & Access |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts T1133 - External Remote Services
|
|
Abnormal File Access |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1083 - File and Directory Discovery
|
|
Abnormal Network Connections |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1090.002 - Proxy: External Proxy T1571 - Non-Standard Port
|
|
Abnormal Remote Access |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1027.005 - Obfuscated Files or Information: Indicator Removal from Tools
|
|
Abnormal User Activity |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071.001 - Application Layer Protocol: Web Protocols T1078 - Valid Accounts T1133 - External Remote Services
|
|
Abnormal Web Access |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071.001 - Application Layer Protocol: Web Protocols T1102 - Web Service T1550.002 - Use Alternate Authentication Material: Pass the Hash
|
|
Access to Application Data |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts
|
|
Access to File Data |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1083 - File and Directory Discovery
|
|
Account Manipulation |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
|
|
Activity on Domain Controllers |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071.001 - Application Layer Protocol: Web Protocols T1102 - Web Service
|
|
Compromised Asset |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1003.003 - T1003.003
|
|
Compromised Service Account |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts
|
|
Cryptomining |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking
|
|
Data Exfiltration |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1020 - Automated Exfiltration T1048 - Exfiltration Over Alternative Protocol T1204 - User Execution
|
|
Data Exfiltration via DNS |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071.001 - Application Layer Protocol: Web Protocols T1568 - Dynamic Resolution
|
|
Data Exfiltration via Web |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1030 - Data Transfer Size Limits T1071.001 - Application Layer Protocol: Web Protocols T1567.002 - Exfiltration Over Web Service: Exfiltration to Cloud Storage
|
|
Data Leak |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1020 - Automated Exfiltration T1048 - Exfiltration Over Alternative Protocol T1204 - User Execution
|
|
Data Leak via Email |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1020 - Automated Exfiltration T1048 - Exfiltration Over Alternative Protocol T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol T1114.003 - Email Collection: Email Forwarding Rule
|
|
Data Leak via Web |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1030 - Data Transfer Size Limits T1071.001 - Application Layer Protocol: Web Protocols T1567.002 - Exfiltration Over Web Service: Exfiltration to Cloud Storage
|
|
Disabled Account Abuse |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts
|
|
Disabled Account Activity |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts
|
|
Evasion |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071.001 - Application Layer Protocol: Web Protocols T1090.003 - Proxy: Multi-hop Proxy
|
|
Executive Account Activity |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1068 - Exploitation for Privilege Escalation T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
|
|
Malware |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1003.002 - T1003.002 T1027 - Obfuscated Files or Information T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1078 - Valid Accounts T1085 - T1085 T1204 - User Execution T1550.002 - Use Alternate Authentication Material: Pass the Hash T1568.002 - Dynamic Resolution: Domain Generation Algorithms
|
|
Membership and Permission Modifications |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
|
|
Permission Changes |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
|
|
Phishing |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1048 - Exfiltration Over Alternative Protocol T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol T1071.001 - Application Layer Protocol: Web Protocols T1566.002 - Phishing: Spearphishing Link
|
|
Privileged Account Abuse |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts
|
|
Ransomware |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1071 - Application Layer Protocol T1078 - Valid Accounts
|
|
Risk of Attrition |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol T1071.001 - Application Layer Protocol: Web Protocols
|
|
Service Account Abuse |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1078 - Valid Accounts
|
|
Spam |
app-activity ↳ netskope-activity ↳ s-netskope-activity ↳ cef-netskope-app-activity-51 ↳ netskope-app-activity
app-login ↳ netskope-login ↳ s-netskope-login
dlp-alert ↳ cef-netskope-dlp-alert ↳ cef-netskope-dlp-alert-1 ↳ netscope-dlp-alert-activity ↳ netskope-dlp-alert
dlp-email-alert-out ↳ cef-netskope-dlp-email-alert-1
file-delete ↳ netskope-activity ↳ s-netskope-activity
file-download ↳ netskope-activity ↳ s-netskope-activity
file-permission-change ↳ netskope-activity ↳ s-netskope-activity
file-read ↳ netskope-activity ↳ s-netskope-activity
file-upload ↳ netskope-activity ↳ s-netskope-activity
file-write ↳ netskope-activity ↳ s-netskope-activity
network-connection-failed ↳ netskope-network-connection
network-connection-successful ↳ netskope-network-connection
security-alert ↳ cef-netskope-alert ↳ cef-netskope-alert-anomaly ↳ netskope-security-alert ↳ cef-netskope-alert-malsite ↳ netskope-alert ↳ cef-netskope-alert-policy ↳ cef-netskope-alert-1 ↳ cef-netskope-alert-2 ↳ cef-netskope-alert-compromise
web-activity-allowed ↳ netskope-web-activity
web-activity-denied ↳ netskope-web-activity
|
T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
|
|