Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
---|---|---|---|---|---|---|
Tenable.io | Advanced Network Scan | Windows machines | Authenticated Scan | SMB | Credential Guard | Plugin ID: 159817 |
Tenable.io | Advanced Network Scan | Windows machines | Authenticated Scan | SMB | Interactive logins | Plugin ID: 161502 |
Tenable.io | Advanced Network Scan | Windows machines | Authenticated Scan | WMI | Active session | Plugin ID: 92373 |
Microsoft Windows Logged On Users
Framework: MITRE ATT&CK
Family: Credential Access
Technique: OS Credential Dumping
Sub-Technique: LSASS Memory
Platform: Windows
Products Required: Tenable.io
Tenable Release Date: 2022 Q2