Skip to content

Latest commit

 

History

History
19 lines (17 loc) · 10.1 KB

ds_ping_identity_ping_identity.md

File metadata and controls

19 lines (17 loc) · 10.1 KB

Vendor: Ping Identity

Product: Ping Identity

Rules Models MITRE ATT&CK® TTPs Activity Types Parsers
51 17 8 7 38
Use-Case Activity Types/Parsers MITRE ATT&CK® TTP Content
Abnormal Authentication & Access account-password-change
pingidentity-pi-cef-endpoint-login-sso

account-password-reset
pingidentity-pi-cef-endpoint-login-sso

app-login
pingidentity-pi-cef-app-login-success-sso-1
pingidentity-pi-json-app-login-success-sso
pingidentity-pi-json-app-login-success-sso-1
pingidentity-pi-kv-app-login-success-sso
pingidentity-pi-cef-app-login-success-sso
pingidentity-pi-cef-app-login-sso-idp
pingidentity-pi-cef-app-login-password
pingidentity-pi-cef-app-login-sso-session
pingidentity-pi-cef-app-login-sso

authentication-failed
pingidentity-pi-cef-app-authentication-success-oauth
pingidentity-pi-cef-app-authentication-success-authnsessionused
pingidentity-pi-cef-app-authentication-success-authnattempt
pingidentity-pi-cef-app-authentication-success-authnsessioncreated
pingidentity-pi-cef-app-authentication-success-inprogress-1
pingidentity-pi-cef-app-authentication-success-inprogress
pingidentity-pi-str-app-authentication-success-authattempt
pingidentity-pi-json-app-authentication-success-wazuhalerts
pingidentity-pi-cef-app-authentication-success-eamauth
pingidentity-pi-json-app-authentication-success-pingid
pingidentity-pi-json-app-authentication-success-user
pingidentity-pi-str-app-authentication-success-oauth
pingidentity-pi-cef-app-logout-success-pingfederate
pingidentity-pi-kv-app-logout-success-slo
pingidentity-pi-cef-app-logout-success-slo
pingidentiy-pi-cef-app-logout-success-authsessiondelete
pingidentity-pi-cef-app-logout-success-slo-1
pingidentity-pi-kv-app-logout-success-authsessiondelete
pingidentity-pi-json-app-authentication-fail-unsuccessattempt
pingidentity-pi-cef-endpoint-authentication-fail-authfailure
pingidentity-pi-cef-endpoint-authentication-fail-failure
pingidentity-pi-json-endpoint-authentication-success-fail-idp
pingidentity-pi-cef-endpoint-login-sso

authentication-successful
pingidentity-pi-str-endpoint-login-success-oauth
pingidentity-pi-str-endpoint-login-success-authn
pingidentity-pi-cef-endpoint-authentication-success-authsuccess
pingidentity-pi-cef-endpoint-authentication-success-authenticated
pingidentity-pi-cef-endpoint-authentication-success-authnsessioncreated
pingidentity-pi-json-endpoint-authentication-success-fail-idp
pingidentity-pi-cef-endpoint-login-sso

failed-app-login
pingidentity-pi-cef-app-login-fail-sso
pingidentity-pi-json-app-login-fail-sso
pingidentity-pi-cef-app-login-fail-sso-1
pingidentity-pi-cef-app-login-sso-idp
pingidentity-pi-cef-app-login-password
pingidentity-pi-cef-app-login-sso-session
pingidentity-pi-cef-app-login-sso
pingidentity-pi-sk4-app-authentication-success-delivery
pingidentity-pi-sk4-app-authentication-success-queue
 T1078 - Valid Accounts
T1133 - External Remote Services
  • 15 Rules
  • 4 Models
Account Manipulation account-password-change
pingidentity-pi-cef-endpoint-login-sso

account-password-reset
pingidentity-pi-cef-endpoint-login-sso
 T1098 - Account Manipulation
  • 1 Rules
Next Page -->>

MITRE ATT&CK® Framework for Enterprise

Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
External Remote Services

Valid Accounts

Exploit Public Fasing Application

 External Remote Services

Valid Accounts

Account Manipulation

 Valid Accounts

 Valid Accounts

 Dynamic Resolution

Dynamic Resolution: Domain Generation Algorithms

Proxy: Multi-hop Proxy

Application Layer Protocol

Proxy