Core Threat Detection – Lists
ID | Name | Endpoint Threat Detection | Network Threat Detection | User Threat Detection | Object Type | Rule ID | Object Name |
|---|---|---|---|---|---|---|---|
-2091 | Privileged Users |
|
| X | AIE Rule | 511 | Lateral: Admin Password Modified |
| AIE Rule | 713 | Corruption: Audit Disabled by Admin | |||||
-2471 | Module: Core Threat Detection Rules |
|
|
| |||
-2549 | Attack Lifecycle: Recon and Planning | X | X | X | |||
-2550 | Attack Lifecycle: Initial Compromise | X | X | X | |||
-2551 | Attack Lifecycle: Command and Control | X | X | X | |||
-2552 | Attack Lifecycle: Lateral Movement | X | X | X | |||
-2553 | Attack Lifecycle: Target Attainment | X | X | X | |||
-2554 | Attack Lifecycle: Exfil, Corruption, Disruption | X | X | X |