Vendor
high
advisory
CyberArk Privileged Access Security Error Audit Event Promotion
2 rules 2 TTPsThis rule identifies CyberArk Privileged Access Security (PAS) error level audit events, which are considered alertable events by the vendor and may indicate privilege escalation or initial access attempts.
CyberArk Privileged Access Security
cyberarkpas
privilege-escalation
initial-access
2r
2t
high
advisory
CyberArk PAS Recommended Monitor Events
3 rules 4 TTPsThis rule identifies CyberArk Privileged Access Security (PAS) events recommended for monitoring, focusing on non-error level audit events to detect potential privilege escalation, initial access, credential access, and persistence activities.
CyberArk Privileged Access Security
cyberarkpas
privilege-escalation
initial-access
credential-access
persistence
3r
4t