Vendor: Gemalto

Product: Gemalto MFA

Rules	Models	MITRE TTPs	Event Types	Parsers
50	24	9	2	2

Use-Case	Event Types/Parsers	MITRE TTP	Content
Abnormal Authentication & Access	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1078 - Valid Accounts T1133 - External Remote Services	11 Rules 4 Models
Compromised Credentials	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1078 - Valid Accounts T1133 - External Remote Services	4 Rules 1 Models
Data Exfiltration	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1020 - Automated Exfiltration T1048 - Exfiltration Over Alternative Protocol T1071 - Application Layer Protocol T1204 - User Execution	29 Rules 17 Models
Data Leak	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1020 - Automated Exfiltration T1048 - Exfiltration Over Alternative Protocol T1071 - Application Layer Protocol T1204 - User Execution	29 Rules 17 Models
Evasion	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1090.003 - Proxy: Multi-hop Proxy	1 Rules
Malware	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1078 - Valid Accounts T1204 - User Execution	3 Rules 2 Models
Privilege Escalation	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1021.002 - Remote Services: SMB/Windows Admin Shares T1087 - Account Discovery	1 Rules 1 Models
Ransomware	authentication-successful ↳q-gemalto-auth-failed dlp-alert ↳q-gemalto-auth-success	T1078 - Valid Accounts	1 Rules

ATT&CK Matrix for Enterprise

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
External Remote Services Valid Accounts	User Execution	External Remote Services Valid Accounts	Valid Accounts	Valid Accounts		Account Discovery	Remote Services Remote Services: SMB/Windows Admin Shares		Proxy: Multi-hop Proxy Application Layer Protocol Proxy	Exfiltration Over Alternative Protocol Automated Exfiltration

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ds_gemalto_gemalto_mfa.md

ds_gemalto_gemalto_mfa.md

Vendor: Gemalto

Product: Gemalto MFA

ATT&CK Matrix for Enterprise

Files

ds_gemalto_gemalto_mfa.md

Latest commit

History

ds_gemalto_gemalto_mfa.md

File metadata and controls

Vendor: Gemalto

Product: Gemalto MFA

ATT&CK Matrix for Enterprise