Use-Case Activity Types/Parsers MITRE ATT&CK® TTP Content Lateral Movement app-login ↳vmware-view-str-app-login-success-viewuser authentication-failed ↳vmware-view-str-endpoint-logout-success-disconnected ↳vmware-view-kv-app-logout-success-userloggedout ↳vmware-view-str-app-logout-success-loggedoff ↳vmware-view-str-app-logout-success-loggedout ↳vmware-view-str-app-activity-success-application ↳vmware-view-str-app-notification-expired ↳vmware-view-str-app-notification-success-connection ↳vmware-view-str-app-notification-success-shutdown ↳vmware-view-str-app-notification-success-reconfigured ↳vmware-view-str-endpoint-delete-success-deleted ↳vmware-view-str-endpoint-login-success-reconnected ↳vmware-view-str-app-authentication-fail-rejected ↳vmware-view-str-app-authentication-fail-denied ↳vmware-view-str-endpoint-authentication-success-application T1078 - Valid AccountsT1090.003 - Proxy: Multi-hop Proxy 2 Rules Ransomware app-login ↳vmware-view-str-app-login-success-viewuser authentication-failed ↳vmware-view-str-endpoint-logout-success-disconnected ↳vmware-view-kv-app-logout-success-userloggedout ↳vmware-view-str-app-logout-success-loggedoff ↳vmware-view-str-app-logout-success-loggedout ↳vmware-view-str-app-activity-success-application ↳vmware-view-str-app-notification-expired ↳vmware-view-str-app-notification-success-connection ↳vmware-view-str-app-notification-success-shutdown ↳vmware-view-str-app-notification-success-reconfigured ↳vmware-view-str-endpoint-delete-success-deleted ↳vmware-view-str-endpoint-login-success-reconnected ↳vmware-view-str-app-authentication-fail-rejected ↳vmware-view-str-app-authentication-fail-denied ↳vmware-view-str-endpoint-authentication-success-application T1078 - Valid Accounts 2 Rules