Skip to content

Latest commit

 

History

History
223 lines (221 loc) · 53.1 KB

uc_brute_force_attack.md

File metadata and controls

223 lines (221 loc) · 53.1 KB
Raw

Use Case: Brute Force Attack

Vendor: Accellion

Product MITRE ATT&CK® TTP Content
Kiteworks T1110 - Brute Force
  • 1 Rules

Vendor: Amazon

Product MITRE ATT&CK® TTP Content
AWS Bastion T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Auth0

Product MITRE ATT&CK® TTP Content
Auth0 T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Barracuda

Product MITRE ATT&CK® TTP Content
Barracuda Cloudgen Firewall T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
  • 1 Models

Vendor: Bitdefender

Product MITRE ATT&CK® TTP Content
GravityZone T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: CDS

Product MITRE ATT&CK® TTP Content
CDS T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: CatoNetworks

Product MITRE ATT&CK® TTP Content
Cato Cloud T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Check Point

Product MITRE ATT&CK® TTP Content
Check Point Identity Awareness T1110 - Brute Force
  • 1 Rules
  • 1 Models
Check Point NGFW T1110 - Brute Force
  • 1 Rules
  • 1 Models
Check Point Security Gateway T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Cisco

Product MITRE ATT&CK® TTP Content
AnyConnect T1110 - Brute Force
  • 1 Rules
  • 1 Models
Cisco Adaptive Security Appliance T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
  • 1 Models
Cisco Firepower T1110 - Brute Force
  • 1 Rules
  • 1 Models
Cisco ISE T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
  • 1 Models
Cisco Meraki MX appliance T1110 - Brute Force
  • 1 Rules
  • 1 Models
Duo Access T1110 - Brute Force
  • 1 Rules

Vendor: Citrix

Product MITRE ATT&CK® TTP Content
Citrix Gateway T1110 - Brute Force
  • 1 Rules
  • 1 Models
Citrix Virtual Apps T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Claroty

Product MITRE ATT&CK® TTP Content
CTD T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: CyberArk

Product MITRE ATT&CK® TTP Content
CyberArk Privilege Access Manager T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Delinea

Product MITRE ATT&CK® TTP Content
Centrify Authentication Service T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Dell

Product MITRE ATT&CK® TTP Content
Sonicwall T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Dropbox

Product MITRE ATT&CK® TTP Content
Dropbox T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Entrust

Product MITRE ATT&CK® TTP Content
Entrust Identity Enterprise T1110 - Brute Force
  • 1 Rules

Vendor: Extreme Networks

Product MITRE ATT&CK® TTP Content
Zebra WLAN Management T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: F5

Product MITRE ATT&CK® TTP Content
F5 Access Policy Manager T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
  • 1 Models
F5 BIG-IP T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Forescout

Product MITRE ATT&CK® TTP Content
EyeInspect T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Fortinet

Product MITRE ATT&CK® TTP Content
FortiGate T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: GoAnywhere

Product MITRE ATT&CK® TTP Content
GoAnywhere MFT T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: IBM

Product MITRE ATT&CK® TTP Content
Sterling B2B Integrator T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Ipswitch

Product MITRE ATT&CK® TTP Content
MoveIt Transfer T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Ivanti

Product MITRE ATT&CK® TTP Content
Ivanti Pulse Secure T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: ManageEngine

Product MITRE ATT&CK® TTP Content
ADAuditPlus T1110 - Brute Force
  • 1 Rules

Vendor: McAfee

Product MITRE ATT&CK® TTP Content
McAfee Enterprise Security Manager T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Microsoft

Product MITRE ATT&CK® TTP Content
Active Directory Federation Services T1110 - Brute Force
  • 1 Rules
Azure MFA T1110 - Brute Force
  • 1 Rules
Event Viewer - ADFS T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules
Event Viewer - NTLM T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules
Event Viewer - Security T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
Event Viewer - WinNat T1110 - Brute Force
  • 1 Rules
  • 1 Models
MSSQL T1110 - Brute Force
  • 1 Rules
Microsoft Defender for Endpoint T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules
Microsoft RRAS T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: NCP

Product MITRE ATT&CK® TTP Content
NCP T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: NetMotion Wireless

Product MITRE ATT&CK® TTP Content
NetMotion Wireless T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Netwrix

Product MITRE ATT&CK® TTP Content
Netwrix Auditor T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules

Vendor: Nortel Contivity

Product MITRE ATT&CK® TTP Content
Nortel Contivity VPN T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Okta

Product MITRE ATT&CK® TTP Content
Okta Adaptive MFA T1110 - Brute Force
  • 1 Rules

Vendor: OneSpan

Product MITRE ATT&CK® TTP Content
OneSpan Sign T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Open VPN

Product MITRE ATT&CK® TTP Content
Open VPN T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Palo Alto Networks

Product MITRE ATT&CK® TTP Content
GlobalProtect T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
  • 1 Models

Vendor: Quest Software

Product MITRE ATT&CK® TTP Content
Quest Change Auditor for Active Directory T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules

Vendor: RSA

Product MITRE ATT&CK® TTP Content
RSA Authentication Manager T1110 - Brute Force
  • 1 Rules
SecurID T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: SAP

Product MITRE ATT&CK® TTP Content
SAP T1110 - Brute Force
  • 1 Rules

Vendor: Sailpoint

Product MITRE ATT&CK® TTP Content
IdentityNow T1110 - Brute Force
  • 1 Rules

Vendor: SecureNet

Product MITRE ATT&CK® TTP Content
SecureNet T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Sophos

Product MITRE ATT&CK® TTP Content
Sophos XG Firewall T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor: Symantec

Product MITRE ATT&CK® TTP Content
Symantec Critical System Protection T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Trend Micro

Product MITRE ATT&CK® TTP Content
Deep Security T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Unix

Product MITRE ATT&CK® TTP Content
Unix T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
Unix Auditd T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: VMS Software

Product MITRE ATT&CK® TTP Content
OpenVMS T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: VMware

Product MITRE ATT&CK® TTP Content
vCenter T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Wazuh

Product MITRE ATT&CK® TTP Content
Wazuh T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Zeek

Product MITRE ATT&CK® TTP Content
Zeek T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 9 Rules

Vendor: Zscaler

Product MITRE ATT&CK® TTP Content
Zscaler Private Access T1110 - Brute Force
  • 1 Rules
  • 1 Models

Vendor:

Product MITRE ATT&CK® TTP Content
T1021 - Remote Services
T1021.001 - Remote Services: Remote Desktop Protocol
T1110 - Brute Force
T1110.003 - T1110.003
  • 10 Rules
  • 1 Models