List of all Data Sources in MITRE ICS ATT&CK Framework

Below is a list of all 36 Data Sources used in the MITRE ICS ATT&CK Framework:

  1. API monitoring
  2. Alarm history
  3. Alarm thresholds
  4. Anti-virus
  5. Application logs
  6. Asset management
  7. Authentication logs
  8. Binary file metadata
  9. Controller parameters
  10. Controller program
  11. Data historian
  12. Data loss prevention
  13. Detonation chamber
  14. Digital signatures
  15. Email gateway
  16. File monitoring
  17. Host network interfaces
  18. Mail server
  19. Malware reverse engineering
  20. Netflow/Enclave netflow
  21. Network device logs
  22. Network intrusion detection system
  23. Network protocol analysis
  24. Packet capture
  25. Process command-line parameters
  26. Process monitoring
  27. Process use of network
  28. SSL/TLS inspection
  29. Sequential event recorder
  30. Third-party application logs
  31. Web application firewall logs
  32. Web logs
  33. Web proxy
  34. Windows error reporting
  35. Windows event logs
  36. Windows registry