Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query detects high counts of download from a sensitive SAP Privileged account. A pre-built watchlist is leveraged to identify the privileged users that are under extra restrictions.
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | Business Email Compromise - Financial Fraud |
| ID | 2843e796-3d6c-4a78-a815-1db783b346a3 |
| Tactics | InitialAccess, Exfiltration |
| Techniques | T1078, T1030 |
| Required Connectors | SAP |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Hunting Queries · Back to Business Email Compromise - Financial Fraud