Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Detects recent leaks of customer account credentials based on CYFIRMA's threat intelligence. This rule surfaces the latest credential exposures, including email, username, and breach metadata. It enables security teams to quickly identify and investigate leaked customer data from third-party breaches, dark web listings, or public repositories.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Cyfirma Compromised Accounts |
| ID | ebd1bf8d-aa18-4e66-9cad-555b71a290f1 |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Tactics | CredentialAccess, InitialAccess |
| Techniques | T1552, T1078 |
| Required Connectors | CyfirmaCompromisedAccountsDataConnector |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
CyfirmaCompromisedAccounts_CL |
? | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Analytic Rules · Back to Cyfirma Compromised Accounts