Skip to content

Latest commit

 

History

History
17 lines (15 loc) · 4.96 KB

uc_abnormal_database_access.md

File metadata and controls

17 lines (15 loc) · 4.96 KB
Raw

Use Case: Abnormal Database Access

Vendor: IBM

Product Event Types MITRE TTP Content
Infosphere Guardium
  • database-alert
  • database-failed-login
  • database-login
  • database-query
 T1078 - Valid Accounts
T1213 - Data from Information Repositories
  • 14 Rules
  • 8 Models

Vendor: Imperva

Product Event Types MITRE TTP Content
CounterBreach
  • database-alert
 T1078 - Valid Accounts
T1213 - Data from Information Repositories
  • 14 Rules
  • 8 Models
Imperva SecureSphere
  • app-login
  • database-alert
  • database-delete
  • database-failed-login
  • database-login
  • database-query
  • database-update
  • failed-app-login
  • network-alert
  • security-alert
 T1078 - Valid Accounts
T1213 - Data from Information Repositories
  • 14 Rules
  • 8 Models

Vendor: McAfee

Product Event Types MITRE TTP Content
MDAM
  • database-alert
  • database-delete
  • database-query
  • database-update
 T1078 - Valid Accounts
T1213 - Data from Information Repositories
  • 14 Rules
  • 8 Models