Description

Determining which credentials may have been compromised by analyzing the user logon history of a particular system.

Technical Details

Relationships

Related Techniques

• D3-RAPA Resource Access Pattern Analysis
• D3-ANET Authentication Event Thresholding
• D3-UDTA User Data Transfer Analysis
• D3-WSAA Web Session Activity Analysis
• D3-DAM Domain Account Monitoring
• D3-JFAPA Job Function Access Pattern Analysis
• D3-AZET Authorization Event Thresholding
• D3-LAM Local Account Monitoring
• D3-UGLPA User Geolocation Logon Pattern Analysis
• D3-SDA Session Duration Analysis

References

For the official documentation and additional resources, visit the MITRE D3FEND website.