Skip to content

Latest commit

 

History

History
191 lines (189 loc) · 48.1 KB

uc_destruction_of_data.md

File metadata and controls

191 lines (189 loc) · 48.1 KB
Raw

Use Case: Destruction of Data

Vendor: Accellion

Product MITRE ATT&CK® TTP Content
Kiteworks T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Airlock

Product MITRE ATT&CK® TTP Content
Airlock Security Access Hub T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Box

Product MITRE ATT&CK® TTP Content
Box Cloud Content Management T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Code42

Product MITRE ATT&CK® TTP Content
Code42 Incydr T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: CrowdStrike

Product MITRE ATT&CK® TTP Content
Falcon T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: CyberArk

Product MITRE ATT&CK® TTP Content
CyberArk Privilege Access Manager T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Delinea

Product MITRE ATT&CK® TTP Content
Centrify Audit and Monitoring Service T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Dell

Product MITRE ATT&CK® TTP Content
EMC Isilon T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Digital Guardian

Product MITRE ATT&CK® TTP Content
Digital Guardian Endpoint Protection T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Dropbox

Product MITRE ATT&CK® TTP Content
Dropbox T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Dtex Systems

Product MITRE ATT&CK® TTP Content
DTEX InTERCEPT T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: ESector

Product MITRE ATT&CK® TTP Content
ESector DEFESA Logger T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Egnyte

Product MITRE ATT&CK® TTP Content
Egnyte T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: FTP

Product MITRE ATT&CK® TTP Content
FTP T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: FileAuditor

Product MITRE ATT&CK® TTP Content
FileAuditor T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: GoAnywhere

Product MITRE ATT&CK® TTP Content
GoAnywhere MFT T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Google

Product MITRE ATT&CK® TTP Content
Google Workspace T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: HelpSystems

Product MITRE ATT&CK® TTP Content
Powertech Identity and Access Manager T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Imperva

Product MITRE ATT&CK® TTP Content
Imperva File Activity Monitoring T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Ipswitch

Product MITRE ATT&CK® TTP Content
MoveIt Transfer T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: LanScope

Product MITRE ATT&CK® TTP Content
LanScope Cat T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Microsoft

Product MITRE ATT&CK® TTP Content
Azure Monitor T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules
Event Viewer - Security T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules
Microsoft 365 T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules
Microsoft CAS T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules
Sysmon T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Nasuni

Product MITRE ATT&CK® TTP Content
Nasuni T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: NetApp

Product MITRE ATT&CK® TTP Content
NetApp T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: NetDocs

Product MITRE ATT&CK® TTP Content
NetDocs T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Netskope

Product MITRE ATT&CK® TTP Content
Netskope Security Cloud T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Netwrix

Product MITRE ATT&CK® TTP Content
Netwrix Auditor T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Nutanix

Product MITRE ATT&CK® TTP Content
Nutanix Unified Storage T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: OneSpan

Product MITRE ATT&CK® TTP Content
Digipass for Apps T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Oracle

Product MITRE ATT&CK® TTP Content
Oracle Access Management T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Palo Alto Networks

Product MITRE ATT&CK® TTP Content
Palo Alto Aperture T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Quest Software

Product MITRE ATT&CK® TTP Content
Quest Change Auditor for Active Directory T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Sailpoint

Product MITRE ATT&CK® TTP Content
IdentityNow T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules
SecurityIQ T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: SentinelOne

Product MITRE ATT&CK® TTP Content
Singularity Platform T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: ServiceNow

Product MITRE ATT&CK® TTP Content
ServiceNow T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: SkySea

Product MITRE ATT&CK® TTP Content
SkySea ClientView T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Symantec

Product MITRE ATT&CK® TTP Content
Symantec Advanced Threat Protection T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules
Symantec CloudSOC T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules
Symantec Endpoint Protection T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Tanium

Product MITRE ATT&CK® TTP Content
Tanium Integrity Monitor T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: TitanFTP

Product MITRE ATT&CK® TTP Content
TitanFTP T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Unix

Product MITRE ATT&CK® TTP Content
Unix T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: VMware

Product MITRE ATT&CK® TTP Content
Carbon Black EDR T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Varonis

Product MITRE ATT&CK® TTP Content
Varonis Data Security Platform T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Vectra

Product MITRE ATT&CK® TTP Content
Vectra Cognito Stream T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor: Zeek

Product MITRE ATT&CK® TTP Content
Zeek T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules

Vendor:

Product MITRE ATT&CK® TTP Content
T1070 - Indicator Removal on Host
T1070.004 - Indicator Removal on Host: File Deletion
T1485 - Data Destruction
  • 1 Rules