ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

DT023

MountedDevices Registry Key - DT023

Contributor: The ITM Team @ - Detection DT023
DT024

Windows Event Log, DriverFrameworks-UserMode - DT024

Contributor: The ITM Team @ - Detection DT024
DT025

Windows Setupapi.dev.log - DT025

Contributor: The ITM Team @ - Detection DT025
DT026

Windows LNK Files - DT026

Contributor: The ITM Team @ - Detection DT026
DT027

Windows Prefetch - DT027

Contributor: The ITM Team @ - Detection DT027
DT028

File Metadata - DT028

Contributor: The ITM Team @ - Detection DT028
DT029

File EXIF Data - DT029

Contributor: The ITM Team @ - Detection DT029
DT030

auditd Timestamp Modification Rule - DT030

Contributor: The ITM Team @ - Detection DT030
DT032

Windows Thumbcache - DT032

Contributor: The ITM Team @ - Detection DT032
DT033

Closed-Circuit Television - DT033

Contributor: The ITM Team @ - Detection DT033
12...28293031323334353637