Skip to content

Latest commit

 

History

History
20 lines (18 loc) · 8.19 KB

ds_symantec_symantec_wss.md

File metadata and controls

20 lines (18 loc) · 8.19 KB
Raw

Vendor: Symantec

Product: Symantec WSS

Rules Models MITRE ATT&CK® TTPs Event Types Parsers
81 28 15 2 2
Use-Case Event Types/Parsers MITRE ATT&CK® TTP Content
Abnormal Authentication & Access web-activity-allowed
symantec-web-activity-1
symantec-web-activity-3
symantec-web-activity-2
symantec-web-activity-4
symantec-web-activity

web-activity-denied
symantec-web-activity-1
symantec-web-activity-3
symantec-web-activity-2
symantec-web-activity-4
symantec-web-activity
 T1071.001 - Application Layer Protocol: Web Protocols
  • 6 Rules
  • 6 Models
Compromised Credentials web-activity-allowed
symantec-web-activity-1
symantec-web-activity-3
symantec-web-activity-2
symantec-web-activity-4
symantec-web-activity

web-activity-denied
symantec-web-activity-1
symantec-web-activity-3
symantec-web-activity-2
symantec-web-activity-4
symantec-web-activity
 T1071.001 - Application Layer Protocol: Web Protocols
T1078 - Valid Accounts
T1102 - Web Service
T1189 - Drive-by Compromise
T1190 - Exploit Public Fasing Application
T1204.001 - T1204.001
T1566.002 - Phishing: Spearphishing Link
T1568.002 - Dynamic Resolution: Domain Generation Algorithms
  • 42 Rules
  • 23 Models
Workforce Protection web-activity-allowed
symantec-web-activity-1
symantec-web-activity-3
symantec-web-activity-2
symantec-web-activity-4
symantec-web-activity
 T1071.001 - Application Layer Protocol: Web Protocols
  • 4 Rules
  • 2 Models
Next Page -->>

MITRE ATT&CK® Framework for Enterprise

Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
Phishing: Spearphishing Link

Valid Accounts

Drive-by Compromise

Exploit Public Fasing Application

Phishing

 User Execution

 Valid Accounts

 Valid Accounts

 Valid Accounts

 Internal Spearphishing

 Web Service

Application Layer Protocol: Web Protocols

Dynamic Resolution

Dynamic Resolution: Domain Generation Algorithms

Proxy: Multi-hop Proxy

Application Layer Protocol

Proxy

 Exfiltration Over C2 Channel

Exfiltration Over Web Service: Exfiltration to Cloud Storage

Exfiltration Over Web Service

 Resource Hijacking