Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Detects changes to user-to-role assignments in SAP (SU01 roles tab), forwarded by Pathlock Threat Detection and Response. Unauthorized role assignments are the primary mechanism for granting and revoking SAP access, and unexpected changes may indicate privilege escalation, account backdooring, or unauthorized access provisioning.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Pathlock_TDnR |
| ID | 2a3b4c5d-6e7f-4a0b-8c1d-2e3f4a5b6c76 |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Tactics | PrivilegeEscalation, Persistence |
| Techniques | T1548, T1098 |
| Required Connectors | Pathlock_TDnR |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
Pathlock_TDnR_CL |
? | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊