Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Detects a successful logon by a privileged account from an ASN not logged in from in the last 14 days. Monitor these logons to ensure they are legitimate and identify if there are any similar sign ins.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Standalone Content |
| ID | 55073036-bb86-47d3-a85a-b113ac3d9396 |
| Severity | Medium |
| Kind | Scheduled |
| Tactics | DefenseEvasion |
| Techniques | T1078.004 |
| Required Connectors | AzureActiveDirectory, BehaviorAnalytics, BehaviorAnalytics |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊