LetsDefend Monitoring Alert

Corporate Policy Violation

Mar, 26, 2024, 05:17 AM

Event ID: 242

Event Time: Mar, 26, 2024, 05:17 AM

Rule Name: SOC269 - Corporate Policy Violation - Insider Threat Activities Detected

Alert Type: Data Leakage

MITRE Technique:
T1078 - Initial Access - Valid Accounts,
T1204 - Execution - User Execution,
T1567 - Exfiltration - Exfiltration Over Web Service,
T1560 - Collection - Archive Collected Data,
T1005 - Collection - Data from Local System,
T1114 - Collection - Email Collection,
T1070 - Defense Evasion - Indicator Removal,
T1070.004 - Defense Evasion - Indicator Removal: File Deletion

Severity: High

Incident Responder
