Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Accellion |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Airlock |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
AssetView |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
BeyondTrust PowerBroker |
|
T1003 - OS Credential Dumping |
|
BeyondTrust Privilege Management |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Bitglass CASB |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Box Cloud Content Management |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Bromium Secure Platform |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Centrify Audit and Monitoring Service |
|
T1083 - File and Directory Discovery |
|
Centrify Infrastructure Services |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Cisco Adaptive Security Appliance |
|
T1003 - OS Credential Dumping |
|
Cisco NPE |
|
T1003 - OS Credential Dumping |
|
Cisco TACACS |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Citrix Netscaler |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Code42 Incydr |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Falcon |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
CyberArk Vault |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
DTEX InTERCEPT |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Dell EMC Isilon |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Digital Guardian Endpoint Protection |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
DTEX InTERCEPT |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
ESector DEFESA |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Egnyte |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
FTP |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
FireEye Endpoint Security (HX) |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Google Drive |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
HP Comware |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Powertech Identity Access Manager (BoKs) |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Unified Security Gateway |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
IBM DB2 |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Imperva File Activity Monitoring (FAM) |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
IPswitch MoveIt |
|
T1083 - File and Directory Discovery |
|
MoveIt DMZ |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Kiteworks |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
SharePoint |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
LanScope Cat |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
LogRhythm |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
McAfee Endpoint Security |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Microsoft Azure |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Microsoft Cloud App Security (MCAS) |
|
T1083 - File and Directory Discovery |
|
Microsoft Defender ATP |
|
T1003 - OS Credential Dumping |
|
Microsoft Office 365 |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Microsoft OneDrive |
|
T1083 - File and Directory Discovery |
|
Microsoft Sysmon |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Microsoft Windows |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Nasuni |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
NetApp |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
NetDocs |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Netskope Security Cloud |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Netwrix Auditor |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
ObserveIT |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Oracle Solaris |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Palo Alto Aperture |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
RangerAudit |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
SecurityIQ |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
SentinelOne |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
ServiceNow |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
ClientView |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
StealthIntercept |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Symantec CloudSOC |
|
T1083 - File and Directory Discovery |
|
Symantec DLP |
|
T1083 - File and Directory Discovery |
|
Symantec EDR |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Endpoint Platform |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Auditbeat |
|
T1003 - OS Credential Dumping |
|
Unix |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Unix Auditd |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
VMware Carbon Black App Control |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
VMware Carbon Black Cloud Endpoint Standard |
|
T1003 - OS Credential Dumping T1083 - File and Directory Discovery |
|
VMware Carbon Black EDR |
|
T1003 - OS Credential Dumping |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Data Security Platform |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Vormetric |
|
T1083 - File and Directory Discovery |
|
Product | Event Types | MITRE TTP | Content |
---|---|---|---|
Zeek Network Security Monitor |
|
T1083 - File and Directory Discovery |
|