Skip to content

Hide Navigation Hide TOC

Added Credentials to Existing Application (cbb67ecc-fb70-4467-9350-c910bdf7c628)

Detects when a new credential is added to an existing application. Any additional credentials added outside of expected processes could be a malicious actor using those credentials.

Cluster A Galaxy A Cluster B Galaxy B Level
Added Credentials to Existing Application (cbb67ecc-fb70-4467-9350-c910bdf7c628) Sigma-Rules Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) Attack Pattern 1
Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) Attack Pattern Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) Attack Pattern 2