Skip to content

Latest commit

 

History

History
24 lines (22 loc) · 5.35 KB

ds_osirium_osirium.md

File metadata and controls

24 lines (22 loc) · 5.35 KB
Raw

Vendor: Osirium

Product: Osirium

Rules Models MITRE ATT&CK® TTPs Activity Types Parsers
40 17 5 1 0
Use-Case Activity Types (Legacy Event Type)/Parsers MITRE ATT&CK® TTP Content
Abnormal Authentication & Access app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1078 - Valid Accounts
T1133 - External Remote Services
  • 12 Rules
  • 4 Models
Compromised Credentials app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1078 - Valid Accounts
T1133 - External Remote Services
T1190 - Exploit Public Fasing Application
  • 27 Rules
  • 16 Models
Data Access app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1078 - Valid Accounts
  • 5 Rules
  • 4 Models
Lateral Movement app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1090 - Proxy
T1090.003 - Proxy: Multi-hop Proxy
  • 1 Rules
Malware app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1078 - Valid Accounts
  • 1 Rules
Privilege Abuse app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1078 - Valid Accounts
  • 2 Rules
Privileged Activity app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1078 - Valid Accounts
  • 1 Rules
Ransomware app-login:success (app-login)
osirium-o-str-app-login-success-logged
 T1078 - Valid Accounts
  • 1 Rules

MITRE ATT&CK® Framework for Enterprise

Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
External Remote Services

Valid Accounts

Exploit Public Fasing Application

 External Remote Services

Valid Accounts

 Valid Accounts

 Valid Accounts

 Proxy: Multi-hop Proxy

Proxy