DS0026: Active Directory
A database and set of services that allows administrators to manage permissions, access to network resources, and stored data objects (user, group, application, or devices)[1]
Detection telemetry sources used by SOC and detection engineering teams.
Results are validated against normalized ATT&CK source records when available; sample records are used only in development or empty-data environments.
Events collected by third-party services such as mail servers, web applications, or other appliances (not by the native OS or platform)[1]
Application vetting report generated by an external cloud service.
Data sources with information about the set of devices found within the network, along with their current software and configurations
A digital document, which highlights information such as the owner's identity, used to instill trust in public keys used while encrypting network communications
A standard unit of virtualized software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another[1]
Information obtained (commonly through registration or activity logs) regarding one or more IP addresses registered with human readable names (ex: mitre.org)
A non-volatile data storage device (hard drive, floppy disk, USB flash drive) with at least one formatted partition, typically mounted to the file system and/or assigned a drive letter[1]
A computer program that operates or controls a particular type of device that is attached to a computer. Provides a software interface to hardware devices, enabling operating systems and other computer programs to access hardware functions without needing to know precise details about the hardware being used[1][2]
A computer resource object, managed by the I/O system, for storing data (such as images, text, videos, computer programs, or any wide variety of other media).[1]
A network security system, running locally on an endpoint or remotely as a service (ex: cloud environment), that monitors and controls incoming/outgoing network traffic based on predefined rules[1]
Computer software that provides low-level control for the hardware and device(s) of a host, such as BIOS or UEFI/EFI
A collection of multiple user accounts that share the same access rights to the computer and/or network resources and have common security rights[1]
Source: MITRE ATT&CK®. © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation. Glexia is not affiliated with or endorsed by MITRE.