Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
An Active Directory domain privilege escalation vulnerability that enables a privileged user to access the Domain Controller by abusing Active Directory Certificate Service
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Silverfort |
| ID | 9ae540c9-c926-4100-8f07-1eac22596292 |
| Severity | High |
| Kind | Scheduled |
| Tactics | PrivilegeEscalation |
| Techniques | T1068 |
| Required Connectors | SilverfortAma |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
CommonSecurityLog |
DeviceEventClassID == "NewIncident"DeviceProduct has "Admin Console"DeviceVendor has "Silverfort" |
✓ | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊