DeTTECT/ threat-actor-data/pre-sub-techniques/20190319-RedCanary.yaml


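%YAML 1.2
---
# Source: https://resources.redcanary.com/hubfs/ThreatDetectionReport-2019.pdf
#
# DeTT&CT group-administration file built from the Red Canary Threat
# Detection Report 2019. It holds one "overall" group plus one group per
# industry sector, so the report's technique prevalence can be laid over
# your own detection/visibility coverage.
#
# Caveats for anyone using this for coverage or gap analysis:
# - The technique IDs are pre-sub-technique ATT&CK IDs (the file is kept
#   under pre-sub-techniques/). Remap them before comparing with coverage
#   data keyed on current ATT&CK IDs; an unmapped ID may simply fail to
#   match and look like "no overlap" rather than raise an error.
# - The data is a 2019 snapshot from a single vendor's detections; treat it
#   as one input to prioritisation, not as a complete threat model.

# Left unquoted on purpose: the consuming tool presumably compares the
# version numerically -- confirm before changing it to a string.
version: 1.0
file_type: group-administration
platform:
  - Windows
  - Linux
  - macOS
groups:
  # Only this group is enabled. technique_id is a mapping of
  # technique ID -> integer; presumably the number of confirmed threats in
  # the report that used the technique, consumed as a weight -- verify
  # against the PDF and the tool's documentation.
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - overall
    # No campaign name is set; null is written out instead of a bare key.
    campaign: null
    technique_id:
      T1086: 1774
      T1064: 794
      T1117: 710
      T1090: 607
      T1193: 424
      T1036: 419
      T1003: 405
      T1060: 378
      T1085: 372
      T1035: 336
      T1089: 313
      T1059: 294
      T1087: 289
      T1015: 252
      T1053: 232
      T1047: 200
      T1055: 156
      T1027: 121
      T1077: 116
      T1097: 86
      T1105: 71
      T1197: 62
      T1204: 57
      T1140: 52
      T1088: 45
      T1070: 45
      T1074: 39
      T1170: 32
      T1100: 30
      T1127: 29
      T1069: 27
      # NOTE(review): T1420 looks out of place -- it appears to be a Mobile
      # ATT&CK ID, while platform above lists only Windows/Linux/macOS.
      # Check this row against the source report before relying on it.
      T1420: 27
      T1146: 27
      T1028: 25
      T1002: 20
      T1218: 18
      T1048: 18
      T1118: 15
      T1068: 13
      T1121: 13
    software_id: []
    enabled: true

  # Per-sector groups: ten technique IDs each, no weights, all disabled by
  # default. Set enabled to true on the sector(s) relevant to you. List
  # order is not documented here (the financials list is in numeric order),
  # so do not read it as a ranking without checking the report.
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - financials
    campaign: null
    technique_id: [T1015, T1036, T1060, T1064, T1085, T1086, T1089, T1090, T1117, T1193]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - communication
    campaign: null
    technique_id: [T1086, T1035, T1117, T1064, T1003, T1090, T1036, T1060, T1193, T1053]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - education
    campaign: null
    technique_id: [T1086, T1077, T1053, T1064, T1003, T1060, T1055, T1036, T1089, T1090]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - energy
    campaign: null
    technique_id: [T1086, T1193, T1059, T1047, T1085, T1035, T1064, T1036, T1097, T1003]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - government
    campaign: null
    technique_id: [T1117, T1060, T1086, T1003, T1036, T1193, T1027, T1089, T1015, T1105]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - health
    campaign: null
    technique_id: [T1086, T1003, T1117, T1059, T1105, T1053, T1193, T1036, T1064, T1090]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - hospitality
    campaign: null
    technique_id: [T1086, T1064, T1036, T1140, T1100, T1047, T1193, T1090, T1015, T1003]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - industrial
    campaign: null
    technique_id: [T1086, T1064, T1117, T1090, T1036, T1060, T1085, T1193, T1015, T1059]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - media
    campaign: null
    technique_id: [T1086, T1193, T1090, T1064, T1036, T1060, T1059, T1003, T1015, T1089]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - nonprofit
    campaign: null
    technique_id: [T1086, T1059, T1064, T1089, T1117, T1036, T1003, T1193, T1060, T1105]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - pharmaceuticals
    campaign: null
    technique_id: [T1003, T1086, T1064, T1036, T1193, T1035, T1047, T1059, T1055, T1085]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - retail
    campaign: null
    technique_id: [T1193, T1086, T1064, T1059, T1060, T1090, T1036, T1015, T1089, T1055]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - services
    campaign: null
    technique_id: [T1086, T1117, T1047, T1003, T1064, T1087, T1193, T1060, T1036, T1090]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - technology
    campaign: null
    technique_id: [T1087, T1035, T1086, T1090, T1089, T1064, T1193, T1003, T1036, T1117]
    software_id: []
    enabled: false
  - group_name: Red Canary Threat Detection Report 2019 (1st edition) - transportation
    campaign: null
    technique_id: [T1086, T1035, T1085, T1064, T1117, T1059, T1060, T1090, T1089, T1036]
    software_id: []
    enabled: false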