{ "name": "NeuVector Network Protection", "versions": { "attack": "9", "navigator": "4.3", "layer": "4.2" }, "domain": "enterprise-attack", "description": "", "filters": { "platforms": [ "Network" ] }, "sorting": 0, "layout": { "layout": "flat", "aggregateFunction": "average", "showID": false, "showName": true, "showAggregateScores": false, "countUnscored": false }, "hideDisabled": false, "techniques": [ { "techniqueID": "T1548", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1548", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1134", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1134", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1087", "tactic": "discovery", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1098", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1583", "tactic": "resource-development", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1595", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1071", "tactic": "command-and-control", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1560", "tactic": "collection", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1020", "tactic": "exfiltration", "color": "#a1d99b", "comment": "1. Network Policy\n2. Tunnel Detection\n3. Ingress/egress Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1020.001", "tactic": "exfiltration", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1547", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1547", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1037", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1037", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1110", "tactic": "credential-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1059", "tactic": "execution", "color": "#a1d99b", "comment": "1. File Access Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1059.008", "tactic": "execution", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1586", "tactic": "resource-development", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1584", "tactic": "resource-development", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1136", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1543", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1543", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1555", "tactic": "credential-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1132", "tactic": "command-and-control", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1565", "tactic": "impact", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1001", "tactic": "command-and-control", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1074", "tactic": "collection", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1602", "tactic": "collection", "color": "#a1d99b", "comment": "1. Network Policy\n2. File Access Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1602.001", "tactic": "collection", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1602.002", "tactic": "collection", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1213", "tactic": "collection", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1491", "tactic": "impact", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1587", "tactic": "resource-development", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1561", "tactic": "impact", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1484", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1484", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1568", "tactic": "command-and-control", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1114", "tactic": "collection", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1573", "tactic": "command-and-control", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1499", "tactic": "impact", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1585", "tactic": "resource-development", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1546", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1546", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1480", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1048", "tactic": "exfiltration", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1011", "tactic": "exfiltration", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1052", "tactic": "exfiltration", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1567", "tactic": "exfiltration", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1190", "tactic": "initial-access", "color": "#a1d99b", "comment": "1. Network Policy\n2. Ingress/egress Control\n3. Vulnerability Scan\n4. Admission Control checks on privileged container \n5. OWASP top10 coverage", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1222", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1606", "tactic": "credential-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1592", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1589", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1590", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1591", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1564", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1574", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1574", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1574", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1562", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1070", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1056", "tactic": "collection", "color": "#a1d99b", "comment": "1. Process Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1056", "tactic": "credential-access", "color": "#a1d99b", "comment": "1. Process Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1056.001", "tactic": "collection", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1056.001", "tactic": "credential-access", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1559", "tactic": "execution", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1557", "tactic": "credential-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1557", "tactic": "collection", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1036", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1556", "tactic": "credential-access", "color": "#a1d99b", "comment": "1. File Access Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1556", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "1. File Access Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1556", "tactic": "persistence", "color": "#a1d99b", "comment": "1. File Access Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1556.004", "tactic": "credential-access", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1556.004", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1556.004", "tactic": "persistence", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1578", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1601", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "1. File Access Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1601.001", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1601.002", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1599", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "1. Network Policy\n2. Ingress/egress Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1599.001", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1498", "tactic": "impact", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1040", "tactic": "credential-access", "color": "#a1d99b", "comment": "1. Process Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1040", "tactic": "discovery", "color": "#a1d99b", "comment": "1. Process Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1095", "tactic": "command-and-control", "color": "#a1d99b", "comment": "1. Network Policy\n2. Tunnel Detection\n3. Ingress/egress Control", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1003", "tactic": "credential-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1027", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1588", "tactic": "resource-development", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1137", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1069", "tactic": "discovery", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1566", "tactic": "initial-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1598", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1542", "tactic": "defense-evasion", "color": "#fcf26b", "comment": "1. Privilege Escalation Detection", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1542", "tactic": "persistence", "color": "#fcf26b", "comment": "1. Privilege Escalation Detection", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1542.004", "tactic": "defense-evasion", "color": "#fcf26b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1542.004", "tactic": "persistence", "color": "#fcf26b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1542.005", "tactic": "defense-evasion", "color": "#fcf26b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1542.005", "tactic": "persistence", "color": "#fcf26b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1055", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1055", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1090", "tactic": "command-and-control", "color": "#a1d99b", "comment": "1. Network Policy\n2. Tunnel Detection\n3. Ingress/egress Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1090.003", "tactic": "command-and-control", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1563", "tactic": "lateral-movement", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1021", "tactic": "lateral-movement", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1053", "tactic": "execution", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1053", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1053", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1597", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1596", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1593", "tactic": "reconnaissance", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1505", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1218", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1216", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1518", "tactic": "discovery", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1608", "tactic": "resource-development", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1558", "tactic": "credential-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1553", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1195", "tactic": "initial-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1016", "tactic": "discovery", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1569", "tactic": "execution", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1205", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "1. Network Policy\n2. Tunnel Detection\n3. Ingress/egress Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1205", "tactic": "persistence", "color": "#a1d99b", "comment": "1. Network Policy\n2. Tunnel Detection\n3. Ingress/egress Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1205", "tactic": "command-and-control", "color": "#a1d99b", "comment": "1. Network Policy\n2. Tunnel Detection\n3. Ingress/egress Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1205.001", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1205.001", "tactic": "persistence", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1205.001", "tactic": "command-and-control", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1127", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1552", "tactic": "credential-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1550", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1550", "tactic": "lateral-movement", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1204", "tactic": "execution", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1078", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1078", "tactic": "persistence", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1078", "tactic": "privilege-escalation", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1078", "tactic": "initial-access", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1497", "tactic": "defense-evasion", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1497", "tactic": "discovery", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1600", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "1. File Access Profile\n2. Privilege Escalation Detection\n3. Admission Control", "enabled": true, "metadata": [], "showSubtechniques": true }, { "techniqueID": "T1600.001", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1600.002", "tactic": "defense-evasion", "color": "#a1d99b", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": false }, { "techniqueID": "T1102", "tactic": "command-and-control", "color": "", "comment": "", "enabled": true, "metadata": [], "showSubtechniques": true } ], "gradient": { "colors": [ "#ff6666", "#ffe766", "#8ec843" ], "minValue": 0, "maxValue": 100 }, "legendItems": [], "metadata": [], "showTacticRowBackground": false, "tacticRowBackground": "#dddddd", "selectTechniquesAcrossTactics": true, "selectSubtechniquesWithParent": false }