Detect Excessive Account Lockouts From Endpoint
Valid Accounts, Domain Accounts
Valid Accounts, Domain Accounts
Local Account, Create Account
Valid Accounts, Local Accounts
Local Account, Create Account
Modify Cloud Compute Configurations
DCSync, OS Credential Dumping
DCSync, OS Credential Dumping
Multi-Factor Authentication Request Generation, Multi-Factor Authentication, Device Registration
Impair Defenses, Disable or Modify Cloud Logs
Modify Registry
Disable or Modify Tools
Domain Policy Modification
Account Manipulation
Rogue Domain Controller
Steal or Forge Kerberos Tickets
Steal or Forge Kerberos Tickets, AS-REP Roasting
Cloud Accounts, Valid Accounts
Valid Accounts
Valid Accounts
Cloud Accounts, Valid Accounts
Cloud Accounts, Valid Accounts
Valid Accounts
Unused/Unsupported Cloud Regions
Cloud Accounts, Valid Accounts
Cloud Accounts, Valid Accounts
Valid Accounts
Cloud Accounts, Valid Accounts