Analytic Rules -

20 analytic rules starting with '#'.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Jump to letter: # | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Z

Source: 📦 Solution | 📄 Standalone | 🔗 GitHub Only

Name	Severity	Source
1Password - Changes to firewall rules	Medium	📦 1Password
1Password - Changes to SSO configuration	Medium	📦 1Password
1Password - Disable MFA factor or type for all user accounts	High	📦 1Password
1Password - Log Ingestion Failure	Medium	📦 1Password
1Password - Manual account creation	Medium	📦 1Password
1Password - New service account integration created	Medium	📦 1Password
1Password - Non-privileged vault user permission change	Medium	📦 1Password
1Password - Potential insider privilege escalation via group	Medium	📦 1Password
1Password - Potential insider privilege escalation via vault	Medium	📦 1Password
1Password - Privileged vault permission change	High	📦 1Password
1Password - Secret extraction post vault access change by administrator	High	📦 1Password
1Password - Service account integration token adjustment	Medium	📦 1Password
1Password - Successful anomalous sign-in	Low	📦 1Password
1Password - User account MFA settings changed	Medium	📦 1Password
1Password - User added to privileged group	Medium	📦 1Password
1Password - Vault export	Low	📦 1Password
1Password - Vault export post account creation	Medium	📦 1Password
1Password - Vault export prior to account suspension or deletion	Medium	📦 1Password
[Deprecated] - Zinc Actor IOCs domains hashes IPs and useragent - October 2022	High	📦 Zinc Open Source
[Deprecated] Explicit MFA Deny	Medium	📦 Microsoft Entra ID

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊