Skip to content

Hide Navigation Hide TOC

Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6)

Logging, messaging, and other artifacts highlighting the health of host sensors (ex: metrics, errors, and/or exceptions from logging applications)

Cluster A Galaxy A Cluster B Galaxy B Level
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Credentials from Password Store - T1634 (cc6e0637-76d2-4af3-a604-9d8d3ff8a6b3) Attack Pattern 1
Direct Network Flood - T1498.001 (0bda01d5-4c1d-4062-8ee2-6872334383c3) Attack Pattern Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component OS Exhaustion Flood - T1499.001 (0df05477-c572-4ed6-88a9-47c581f548f7) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Disguise Root/Jailbreak Indicators - T1630.003 (a91262d5-b9ff-463f-b8d2-12e4ea1eb3c9) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Spoof Security Alerting - T1562.011 (bef8aaee-961d-4359-a308-4c2182bcedff) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Lockscreen Bypass - T1461 (dfe29258-ce59-421c-9dee-e85cb9fa90cd) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Drive-By Compromise - T1456 (fd339382-bfec-4bf0-8d47-1caedc9e7e57) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Reflection Amplification - T1498.002 (36b2a1d7-e09e-49bf-b45e-477076c2ec01) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Compromise Client Software Binary - T1645 (4f14e30b-8b57-4a7b-9093-2c0778ea99cf) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Service Exhaustion Flood - T1499.002 (38eb0c22-6caf-46ce-8869-5964bd735858) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component System Runtime API Hijacking - T1625.001 (c6e17ca2-08b5-4379-9786-89bd05241831) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Replication Through Removable Media - T1458 (667e5707-3843-4da8-bd34-88b922526f0d) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Exploitation for Initial Access - T1664 (6ecbc2eb-e85a-440a-ab68-4d98f8d56fbe) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Compromise Hardware Supply Chain - T1195.003 (39131305-9282-45e4-ac3b-591d2d4fc3ef) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Resource Hijacking - T1496 (cd25c1b4-935c-4f0e-ba8d-552f28bc4783) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Indicator Blocking - T1562.006 (74d2a63f-3c7b-4852-92da-02d8fbab16da) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Hijack Execution Flow - T1625 (670a4d75-103b-4b14-8a9e-4652fa795edd) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Network Denial of Service - T1498 (d74c4a7e-ffbf-432f-9365-7ebf1f787cab) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Endpoint Denial of Service - T1499 (c675646d-e204-4aa8-978d-e3d6d65885c4) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Disable Windows Event Logging - T1562.002 (4eb28bed-d11a-4641-9863-c2ac017d910a) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Impair Command History Logging - T1562.003 (8f504411-cb96-4dac-a537-8d2bb7679c59) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Supply Chain Compromise - T1195 (3f18edba-28f4-4bb9-82c3-8aa60dcac5f7) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Boot or Logon Initialization Scripts - T1398 (46d818a5-67fa-4585-a7fc-ecf15376c8d5) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Keychain - T1634.001 (8605a0ec-b44a-4e98-a7fc-87d4bd3acb66) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Compromise Hardware Supply Chain - T1474.002 (c08366bb-8d11-4921-853f-f0a3b6a2a1da) Attack Pattern 1
Exploitation for Privilege Escalation - T1404 (351c0927-2fc1-4a2c-ad84-cbbee7eb8172) Attack Pattern Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Application Exhaustion Flood - T1499.003 (18cffc21-3260-437e-80e4-4ab8bf2ba5e9) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Compromise Software Supply Chain - T1474.003 (9558a84e-2d5e-4872-918e-d847494a8ffc) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component System Shutdown/Reboot - T1529 (ff73aa03-0090-4464-83ac-f89e233c02bc) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Application or System Exploitation - T1499.004 (2bee5ffb-7a7a-4119-b1f2-158151b19ac0) Attack Pattern 1
Host Status (85a533a4-5fa4-4dba-b45d-f0717bedd6e6) mitre-data-component Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern 1
Direct Network Flood - T1498.001 (0bda01d5-4c1d-4062-8ee2-6872334383c3) Attack Pattern Network Denial of Service - T1498 (d74c4a7e-ffbf-432f-9365-7ebf1f787cab) Attack Pattern 2
OS Exhaustion Flood - T1499.001 (0df05477-c572-4ed6-88a9-47c581f548f7) Attack Pattern Endpoint Denial of Service - T1499 (c675646d-e204-4aa8-978d-e3d6d65885c4) Attack Pattern 2
Indicator Removal on Host - T1630 (0d4e3bbb-7af5-4c88-a215-0c0906bc1e8d) Attack Pattern Disguise Root/Jailbreak Indicators - T1630.003 (a91262d5-b9ff-463f-b8d2-12e4ea1eb3c9) Attack Pattern 2
Spoof Security Alerting - T1562.011 (bef8aaee-961d-4359-a308-4c2182bcedff) Attack Pattern Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern 2
Network Denial of Service - T1498 (d74c4a7e-ffbf-432f-9365-7ebf1f787cab) Attack Pattern Reflection Amplification - T1498.002 (36b2a1d7-e09e-49bf-b45e-477076c2ec01) Attack Pattern 2
Service Exhaustion Flood - T1499.002 (38eb0c22-6caf-46ce-8869-5964bd735858) Attack Pattern Endpoint Denial of Service - T1499 (c675646d-e204-4aa8-978d-e3d6d65885c4) Attack Pattern 2
System Runtime API Hijacking - T1625.001 (c6e17ca2-08b5-4379-9786-89bd05241831) Attack Pattern Hijack Execution Flow - T1625 (670a4d75-103b-4b14-8a9e-4652fa795edd) Attack Pattern 2
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) Attack Pattern 2
Supply Chain Compromise - T1195 (3f18edba-28f4-4bb9-82c3-8aa60dcac5f7) Attack Pattern Compromise Hardware Supply Chain - T1195.003 (39131305-9282-45e4-ac3b-591d2d4fc3ef) Attack Pattern 2
Indicator Blocking - T1562.006 (74d2a63f-3c7b-4852-92da-02d8fbab16da) Attack Pattern Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern 2
Disable Windows Event Logging - T1562.002 (4eb28bed-d11a-4641-9863-c2ac017d910a) Attack Pattern Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern 2
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern Impair Command History Logging - T1562.003 (8f504411-cb96-4dac-a537-8d2bb7679c59) Attack Pattern 2
Credentials from Password Store - T1634 (cc6e0637-76d2-4af3-a604-9d8d3ff8a6b3) Attack Pattern Keychain - T1634.001 (8605a0ec-b44a-4e98-a7fc-87d4bd3acb66) Attack Pattern 2
Supply Chain Compromise - T1474 (0d95940f-9583-4e0f-824c-a42c1be47fad) Attack Pattern Compromise Hardware Supply Chain - T1474.002 (c08366bb-8d11-4921-853f-f0a3b6a2a1da) Attack Pattern 2
Application Exhaustion Flood - T1499.003 (18cffc21-3260-437e-80e4-4ab8bf2ba5e9) Attack Pattern Endpoint Denial of Service - T1499 (c675646d-e204-4aa8-978d-e3d6d65885c4) Attack Pattern 2
Supply Chain Compromise - T1474 (0d95940f-9583-4e0f-824c-a42c1be47fad) Attack Pattern Compromise Software Supply Chain - T1474.003 (9558a84e-2d5e-4872-918e-d847494a8ffc) Attack Pattern 2
Endpoint Denial of Service - T1499 (c675646d-e204-4aa8-978d-e3d6d65885c4) Attack Pattern Application or System Exploitation - T1499.004 (2bee5ffb-7a7a-4119-b1f2-158151b19ac0) Attack Pattern 2