Skip to content

Latest commit

 

History

History
20 lines (18 loc) · 7.93 KB

ds_apache_apache.md

File metadata and controls

20 lines (18 loc) · 7.93 KB
Raw

Vendor: Apache

Product: Apache

Rules Models MITRE ATT&CK® TTPs Activity Types Parsers
75 27 21 2 1
Use-Case Activity Types (Legacy Event Type)/Parsers MITRE ATT&CK® TTP Content
Abnormal Authentication & Access http-traffic:success (web-activity-allowed)
apache-guacamole-kv-http-session-success-client
apache-a-json-http-session-chcomaccesslog

http-session:fail (web-activity-denied)
apache-guacamole-kv-http-session-success-client
apache-a-json-http-session-chcomaccesslog
 T1071 - Application Layer Protocol
T1071.001 - Application Layer Protocol: Web Protocols
  • 6 Rules
  • 6 Models
Compromised Credentials http-traffic:success (web-activity-allowed)
apache-guacamole-kv-http-session-success-client
apache-a-json-http-session-chcomaccesslog

http-session:fail (web-activity-denied)
apache-guacamole-kv-http-session-success-client
apache-a-json-http-session-chcomaccesslog
 T1071 - Application Layer Protocol
T1071.001 - Application Layer Protocol: Web Protocols
T1078 - Valid Accounts
T1102 - Web Service
T1189 - Drive-by Compromise
T1190 - Exploit Public Fasing Application
T1204 - User Execution
T1204.001 - T1204.001
T1566 - Phishing
T1566.002 - Phishing: Spearphishing Link
T1568 - Dynamic Resolution
T1568.002 - Dynamic Resolution: Domain Generation Algorithms
  • 40 Rules
  • 22 Models
Workforce Protection http-traffic:success (web-activity-allowed)
apache-guacamole-kv-http-session-success-client
apache-a-json-http-session-chcomaccesslog
 T1071 - Application Layer Protocol
T1071.001 - Application Layer Protocol: Web Protocols
  • 4 Rules
  • 2 Models
Next Page -->>

MITRE ATT&CK® Framework for Enterprise

Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
Phishing: Spearphishing Link

Valid Accounts

Drive-by Compromise

Exploit Public Fasing Application

Phishing

 User Execution

 Valid Accounts

 Valid Accounts

 Valid Accounts

 Internal Spearphishing

 Web Service

Application Layer Protocol: Web Protocols

Dynamic Resolution

Dynamic Resolution: Domain Generation Algorithms

Proxy: Multi-hop Proxy

Application Layer Protocol

Proxy

 Exfiltration Over C2 Channel

Exfiltration Over Web Service: Exfiltration to Cloud Storage

Exfiltration Over Web Service

 Resource Hijacking