Compliance Analytic Stories
| Name | Data Sources | Tactics | Products | Date |
|---|---|---|---|---|
| Monitor for Unauthorized Software |
CrowdStrike ProcessRollup2, Sysmon EventID 1, Windows Event Log Security 4688
|
Credential Access Defense Evasion Reconnaissance | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2017-09-15 |
| Monitor for Updates | N/A | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2017-09-15 | |
| Monitor Backup Solution | N/A | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2017-09-12 |