Product: Symantec Critical System Protection
Use-Case: Privileged Asset Abuse
Rules | Models | MITRE TTPs | Event Types | Parsers |
---|---|---|---|---|
1 | 1 | 1 | 3 | 3 |
Event Type | Rules | Models |
---|---|---|
local-logon | T1078 - Valid Accounts ↳ AL-HT-PRIV: Non-Privileged logon to privileged asset |
• AL-HT-PRIV: Privilege Users Assets |