Skip to content

Latest commit

 

History

History
4 lines (4 loc) · 1.73 KB

2_ds_mastersam_mastersam_pam.md

File metadata and controls

4 lines (4 loc) · 1.73 KB
Use-Case Activity Type (Legacy Event Type)/Parsers MITRE ATT&CK® TTP Content
Lateral Movement vpn-login:fail (authentication-failed)
mastersam-pam-kv-endpoint-authentication-fail-loginfail
mastersam-pam-kv-endpoint-authentication-fail-otpfailed

vpn-authentication:success (authentication-successful)
mastersam-pam-kv-endpoint-authentication-success-login
mastersam-pam-kv-endpoint-authentication-success-verifiedotp
 T1078 - Valid Accounts
T1090 - Proxy
T1090.003 - Proxy: Multi-hop Proxy
  • 1 Rules
Ransomware vpn-login:fail (authentication-failed)
mastersam-pam-kv-endpoint-authentication-fail-loginfail
mastersam-pam-kv-endpoint-authentication-fail-otpfailed

vpn-authentication:success (authentication-successful)
mastersam-pam-kv-endpoint-authentication-success-login
mastersam-pam-kv-endpoint-authentication-success-verifiedotp
 T1078 - Valid Accounts
  • 1 Rules