Identify New User Accounts

Description

This detection search will help profile user accounts in your environment by identifying newly created accounts that have been added to your network in the past week.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Security Monitoring, Compliance

Category

Operations, GDPR

Alert Volume

This detection search will help profile user accounts in your environment by identifying newly created accounts that have been added to your network in the past week.

SPL Difficulty

None

Journey

Stage 4

MITRE ATT&CK Tactics

Defense Evasion
Persistence
Privilege Escalation
Initial Access

MITRE ATT&CK Techniques

Valid Accounts

Domain Accounts

MITRE Threat Groups

APT29
APT3
TA505
Threat Group-1314
Wizard Spider

Data Sources

User Activity Audit
Windows Security

   Help

Identify New User Accounts Help

To successfully implement this search, you need to be populating the Enterprise Security Identity_Management data model in the assets and identity framework.

   Search

Open in Search