Product: SecurityExpert
Use-Case: Physical Security
| Rules | Models | MITRE ATT&CK® TTPs | Activity Types | Parsers |
|---|---|---|---|---|
| 7 | 3 | 1 | 1 | 0 |
| Event Type | Rules | Models |
|---|---|---|
| physical-access | T1078 - Valid Accounts ↳ PA-UC-F: First physical access in this location for user ↳ PA-UC-A: Abnormal physical access in this location for user ↳ PA-UB-A: Abnormal physical access in this building for user ↳ PA-UTi-A: Badge access at abnormal time ↳ PA-MC: Badge access in multiple cities within a session ↳ PA-DU: Badge access by disabled user ↳ PA-WU: Badge access by watchlist user |
• PA-UTi: Badge access time • PA-UB: Building level badge access by user • PA-UC: City level badge access by user |