Unusual Machine Access

Description

This anomaly contains a large number of detections for rare or unusual machine access.

Content Mapping

This content is not mapped to any local saved search.


Use Case

Advanced Threat Detection, Insider Threat, Security Monitoring, Compliance

Category

Account Compromise, IAM Analytics, Insider Threat, Lateral Movement, Zero Trust

Alert Volume

Medium

Data Availability

Bad

Journey

Stage 6

MITRE ATT&CK Tactics

Initial Access
Privilege Escalation

MITRE ATT&CK Techniques

Valid Accounts

MITRE Threat Groups

Chimera
APT39
FIN4
FIN5
FIN10
Soft Cell
Night Dragon
TEMP.Veles
Leviathan
Dragonfly 2.0
Wizard Spider
OilRig
APT41
Suckfly
Silence
FIN6
Threat Group-3390
APT18
menuPass
APT28
Sandworm Team
PittyTiger
FIN8
Carbanak
APT33

Data Sources

Windows Security