Skip to content

Latest commit

 

History

History
14 lines (12 loc) · 801 Bytes

r_m_wazuh_wazuh_Compromised_Credentials.md

File metadata and controls

14 lines (12 loc) · 801 Bytes

Rules by Product and UseCase

Vendor: Wazuh

Product: Wazuh

Rules Models MITRE ATT&CK® TTPs Activity Types Parsers
3 1 1 1 0
Event Type Rules Models
failed-logon T1078 - Valid Accounts
SEQ-UH-04: Failed logon by a service account
SEQ-UH-05: Failed interactive logon by a service account
SEQ-UH-07: Failed logon to an asset that user has not previously accessed
AE-UA: All activity for users