eBook: Threats from Within
Review our eBook for 5 ways to boost your threat detection capability and capacity.
View this use case mapped against each tactic to reveal the MITRE ATT&CK techniques and data sources:
Initial Access consists of techniques that use various entry vectors to gain their initial foothold within a network.
DATA SOURCES
• Application Log Content
• File Creation
• Network Connection Creation
• Network Traffic Content
• Process Creation
• Network Traffic Flow
• Logon Session Creation
• User Account Authentication
MITRE ATT&CK Techniques
• T1566 Phishing
• T1078 Valid Accounts
Execution consists of techniques that result in adversary-controlled code running on a local or remote system.
DATA SOURCES
MITRE ATT&CK Techniques
Privilege Escalation consists of techniques that adversaries use to gain higher-level permissions on a system or network.
DATA SOURCES
MITRE ATT&CK Techniques
Credential Access consists of techniques for stealing credentials like account names and passwords.
DATA SOURCES
MITRE ATT&CK Techniques
Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network.
DATA SOURCES
MITRE ATT&CK Techniques
Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network.
DATA SOURCES
MITRE ATT&CK Techniques
Exfiltration consists of techniques that adversaries may use to steal data from your network.
DATA SOURCES
MITRE ATT&CK Techniques