Skip to content

Latest commit

 

History

History
3 lines (3 loc) · 968 Bytes

2_ds_imanage_imanage.md

File metadata and controls

3 lines (3 loc) · 968 Bytes
Raw
Use-Case Activity Type (Legacy Event Type)/Parsers MITRE ATT&CK® TTP Content
Data Leak scheduled_task-trigger:success (app-activity)
imanage-i-kv-app-activity-success-appactivity
imanage-i-kv-app-activity-success-accesspermitted
imanage-i-json-app-activity-success-checkout

alert-trigger:success (dlp-alert)
imanage-i-kv-alert-trigger-success-docnum
 T1020 - Automated Exfiltration
T1071 - Application Layer Protocol
T1114 - Email Collection
T1114.003 - Email Collection: Email Forwarding Rule
TA0010 - TA0010
  • 32 Rules
  • 17 Models