Compliance Analytic Stories
Name | Data Sources | Tactics | Products | Date |
---|---|---|---|---|
Monitor for Unauthorized Software | CrowdStrike ProcessRollup2, Sysmon EventID 1, Windows Event Log Security 4688 | Credential Access Defense Evasion Reconnaissance | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2017-09-15 |
Monitor for Updates | N/A | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2017-09-15 | |
Monitor Backup Solution | N/A | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2017-09-12 |