Threat Rules
Threat categories provided out of the box:
APM | AWS | Active Directory | Application | Asset Visibility | Azure |
Cloud | Collection | Command and Control | Configuration Audit | Credential Access | Data Protection |
Defense Evasion | Endpoint Security | Execution | GCP | Google Workspace | Host |
Identity | Identity and Access | Impact | Initial Access | Lateral Movement | Linux |
Log Auditing | MacOS | Microsoft 365 | Network | Okta | Persistence |
Post-Execution | Privilege Escalation | Windows | Zoom | cyberarkpas |