• Skip to primary navigation
  • Skip to content
  • Skip to footer
Security Content Security Content
  • Detections
  • Analytic Stories
  • Playbooks
  • Blog
  • About
    • Type
      • Investigation
      • Response
    • Use Case
      • Endpoint
      • Enrichment
      • Phishing
    • D3fend Technique Category
      • Credential Eviction
      • File Analysis
      • File Eviction
      • Identifier Analysis
      • Message Analysis
      • Network Isolation
      • Restore Access
      • Restore Object
    • Soar App
      • AD LDAP
      • AWS IAM
      • Azure AD Graph
      • Carbon Black Response
      • Cisco Umbrella
      • CrowdStrike OAuth API
      • Cylance
      • Falcon Host API
      • G Suite for GMail
      • Jira
      • LDAP
      • MS Graph for Office 365
      • Palo Alto Networks Firewall
      • Panorama
      • Phantom
      • PhishTank
      • Reversing Labs
      • SMTP
      • SSH
      • ServiceNow
      • Splunk
      • Splunk Attack Analyzer Connector for Splunk SOAR
      • Threat Grid
      • TruSTAR
      • VirusTotal
      • VirusTotal v3
      • WildFire
      • Windows Defender ATP
      • Windows Remote Management
      • Zscaler
      • urlscan.io

    Credential Eviction

    Name SOAR App D3FEND Use Case
    AD LDAP Account Locking AD LDAP Account Locking Phishing, Endpoint
    AWS IAM Account Locking AWS IAM Account Locking Phishing, Endpoint
    Active Directory Disable Account Dispatch AD LDAP, Azure AD Graph Account Locking Phishing, Endpoint
    Azure AD Account Locking Azure AD Graph Account Locking Phishing, Endpoint
    • Twitter
    • GitHub
    • Feed
    © 2024 Splunk Threat Research Team (STRT). Powered by Jekyll & Minimal Mistakes.