Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Detects password reset events from the Pathlock User Access Management module in SAP, forwarded to Microsoft Sentinel. Unexpected or bulk password resets may indicate account takeover preparation, credential stuffing followup, or unauthorized use of administrative password reset capabilities.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Pathlock_TDnR |
| ID | 2a3b4c5d-6e7f-4a0b-8c1d-2e3f4a5b6c53 |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | CredentialAccess, Persistence |
| Techniques | T1098, T1078 |
| Required Connectors | Pathlock_TDnR |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
Pathlock_TDnR_CL |
? | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊