ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

DT012

Windows Operating System Installed Date - DT012

Contributor: The ITM Team @ - Detection DT012
DT013

NTFS Timestamp Discrepancy - DT013

Contributor: The ITM Team @ - Detection DT013
DT014

Utilize Cold Storage for Logs - DT014

Contributor: The ITM Team @ - Detection DT014
DT015

Windows Local Account Deleted - DT015

Contributor: The ITM Team @ - Detection DT015
DT016

Windows System Shutdown, Event Logs - DT016

Contributor: The ITM Team @ - Detection DT016
DT017

Firefox Browser History - DT017

Contributor: The ITM Team @ - Detection DT017
DT018

Edge Browser History - DT018

Contributor: The ITM Team @ - Detection DT018
DT019

Chrome Browser History - DT019

Contributor: The ITM Team @ - Detection DT019
DT020

Shellbags, USB Removable Storage - DT020

Contributor: The ITM Team @ - Detection DT020
DT021

USBSTOR Registry Key - DT021

Contributor: The ITM Team @ - Detection DT021
12...28293031323334353637