Core Threat Detection – Lists

ID	Name	Endpoint Threat Detection	Network Threat Detection	User Threat Detection	Object Type	Rule ID	Object Name
-2091	Privileged Users			X	AIE Rule	511	Lateral: Admin Password Modified
-2091	Privileged Users			X	AIE Rule	713	Corruption: Audit Disabled by Admin
-2471	Module: Core Threat Detection Rules
-2549	Attack Lifecycle: Recon and Planning	X	X	X
-2550	Attack Lifecycle: Initial Compromise	X	X	X
-2551	Attack Lifecycle: Command and Control	X	X	X
-2552	Attack Lifecycle: Lateral Movement	X	X	X
-2553	Attack Lifecycle: Target Attainment	X	X	X
-2554	Attack Lifecycle: Exfil, Corruption, Disruption	X	X	X