Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Detects events from SAP multiple login monitoring (Table USR41), forwarded by Pathlock Threat Detection and Response. Multiple concurrent sessions from different sources may indicate credential sharing, session hijacking, or compromised accounts being used simultaneously by an attacker and the legitimate user.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Pathlock_TDnR |
| ID | 2a3b4c5d-6e7f-4a0b-8c1d-2e3f4a5b6c73 |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | InitialAccess, Discovery, CredentialAccess |
| Techniques | T1078, T1110 |
| Required Connectors | Pathlock_TDnR |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
Pathlock_TDnR_CL |
? | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊