Threat Rules
Threat categories provided out of the box
APM | AWS | Active Directory | Application | Asset | Visibility | Azure | Cloud | Collection | Command and Control |
Configuration Audit | Credential Access | Data Protection | Defense Evasion | Endpoint Security | Execution | GCP | Google Workspace | Host | Identity |
Identity and Access | Impact | Initial Access | Lateral Movement | Linux | Log Auditing | MacOS | Microsoft 365 | Network | Okta |
Persistence | Post-Execution | Privilege Escalation | Windows | Zoom | cyberarkpas |