Scenario-based evaluation matrix, graded on "Detection"
Scenario 2: Detection results for credit-card data theft by "FIN7" (first half)
ID | AL | Bf | CP | ci | CS | Cr | CC | BC | Cn | El | ES | Fi | FE | Fo | F-S | GS | Mb | MA

Initial Intrusion
11.A.1 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | 〇 | △ | 〇 | 〇 | 〇 | 〇 | △ | △ | 〇 | △
11.A.2 | × | 〇 | 〇 | △ | △ | 〇 | × | 〇 | 〇 | △ | 〇 | 〇 | 〇 | × | △ | △ | × | 〇
11.A.3 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
11.A.4 | △ | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
11.A.5 | × | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | × | △ | △ | 〇 | 〇
11.A.6 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇
11.A.7 | △ | 〇 | 〇 | △ | 〇 | 〇 | × | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | △ | 〇 | 〇 | 〇
11.A.8 | △ | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | △ | 〇 | △ | 〇

Delayed Malware Execution
12.A.1 | △ | 〇 | △ | △ | △ | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | △ | △ | △ | △
12.A.2 | △ | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇
12.A.3 | × | 〇 | × | × | △ | △ | 〇 | 〇 | △ | × | △ | × | × | × | × | × | △ | △
12.A.4 | × | 〇 | 〇 | × | 〇 | 〇 | 〇 | △ | 〇 | × | 〇 | △ | 〇 | × | △ | × | 〇 | △
12.A.5 | × | 〇 | 〇 | × | 〇 | × | 〇 | 〇 | 〇 | × | 〇 | △ | 〇 | × | △ | × | △ | △
12.B.1 | × | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | △ | △ | △ | 〇 | 〇 | △ | △ | △ | 〇 | 〇

Target Assessment
13.A.1 | × | 〇 | 〇 | × | △ | 〇 | 〇 | 〇 | △ | × | 〇 | × | × | × | 〇 | 〇 | 〇 | ×
13.A.2 | 〇 | △ | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
13.A.3 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇
13.A.4 | × | 〇 | 〇 | × | △ | 〇 | 〇 | △ | 〇 | × | 〇 | 〇 | 〇 | × | △ | × | 〇 | ×
13.A.5 | × | △ | 〇 | × | × | 〇 | 〇 | △ | △ | × | 〇 | △ | 〇 | × | △ | × | 〇 | ×
13.A.6 | × | △ | 〇 | × | × | 〇 | 〇 | △ | △ | × | 〇 | △ | 〇 | × | △ | × | 〇 | ×
13.A.7 | | | | | | | | | | | | | | | | | | 
13.A.8 | × | 〇 | 〇 | × | △ | × | 〇 | 〇 | 〇 | × | 〇 | △ | 〇 | × | △ | × | 〇 | ×
13.A.9 | × | 〇 | 〇 | × | △ | × | 〇 | 〇 | 〇 | × | 〇 | △ | 〇 | × | △ | × | 〇 | ×
13.B.1 | × | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | △ | △ | 〇 | △ | △ | △ | △ | × | 〇
13.B.2 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
13.B.3 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | 〇
13.B.4 | × | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | × | △ | △ | 〇 | 〇
13.B.5 | × | △ | △ | × | × | × | 〇 | 〇 | △ | × | △ | 〇 | × | △ | △ | × | × | △

Staging an Interactive Toolkit
14.A.1 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | △
14.A.2 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇
14.A.3 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | × | 〇 | × | 〇 | 〇
14.A.4 | × | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | × | 〇 | × | 〇 | 〇
14.A.5 | × | 〇 | △ | × | 〇 | 〇 | 〇 | × | 〇 | × | 〇 | × | × | △ | 〇 | × | × | ×
14.A.6 | × | 〇 | 〇 | × | × | 〇 | × | × | × | × | 〇 | × | × | × | 〇 | × | × | △
14.A.7 | × | 〇 | 〇 | × | × | 〇 | × | × | × | △ | △ | × | × | × | 〇 | × | × | △

Privilege Escalation
15.A.1 | × | 〇 | 〇 | × | 〇 | 〇 | 〇 | × | × | × | × | × | × | × | × | × | × | ×
15.A.2 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇
15.A.3 | × | 〇 | 〇 | △ | △ | 〇 | × | 〇 | △ | △ | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇
15.A.4 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
15.A.5 | 〇 | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | 〇 | △ | △ | △ | 〇 | △ | 〇 | × | 〇 | 〇
15.A.6 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
15.A.7 | × | × | × | × | × | 〇 | 〇 | × | × | × | × | × | × | × | × | × | × | ×
15.A.8 | △ | 〇 | 〇 | △ | △ | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | △ | 〇 | 〇

Expanding Access
16.A.1 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | △ | △ | △ | △ | 〇 | 〇 | 〇 | △ | △ | 〇 | △
16.A.2 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | △ | △ | △ | △ | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇
16.A.3 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
16.A.4 | △ | 〇 | 〇 | 〇 | △ | 〇 | △ | △ | 〇 | △ | △ | △ | 〇 | △ | △ | △ | 〇 | 〇
16.A.5 | △ | 〇 | 〇 | △ | 〇 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇
16.A.6 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | 〇 | △ | 〇 | △ | 〇 | △
16.A.7 | △ | 〇 | × | × | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | × | 〇
16.A.8 | × | 〇 | 〇 | × | × | 〇 | × | × | × | × | 〇 | × | × | × | 〇 | × | × | 〇
16.A.9 | × | 〇 | 〇 | × | × | 〇 | × | × | × | △ | △ | × | × | × | 〇 | × | × | △

Setting Up User Monitoring
17.A.1 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | △ | 〇 | △ | △ | 〇 | 〇 | △ | △ | △ | × | △
17.A.2 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | × | 〇 | △ | △ | 〇 | 〇 | × | △ | 〇 | × | 〇
17.A.3 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
17.A.4 | × | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | × | 〇
17.A.5 | × | 〇 | 〇 | × | × | 〇 | × | × | × | × | 〇 | × | × | × | 〇 | × | × | 〇
17.A.6 | × | 〇 | 〇 | × | × | 〇 | × | × | × | △ | △ | × | × | × | 〇 | × | × | △

User Monitoring
18.A.1 | × | 〇 | 〇 | × | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | 〇 | × | 〇 | 〇 | △ | 〇 | 〇
18.A.2 | × | × | 〇 | × | △ | 〇 | 〇 | × | × | × | × | × | × | × | × | × | × | △
18.A.3 | × | 〇 | 〇 | × | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | 〇
18.A.4 | × | × | × | × | △ | 〇 | × | × | × | × | × | × | × | × | 〇 | × | × | ×

Setting Up Shim Persistence
19.A.1 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | △ | × | △ | △
19.A.2 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | × | △
19.A.3 | × | × | △ | × | × | △ | 〇 | × | △ | △ | × | △ | △ | △ | × | × | × | △
19.B.1 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇
19.B.2 | △ | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇
19.B.3 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | △ | 〇 | △ | 〇 | 〇
19.B.4 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | △ | △ | △ | 〇 | △ | 〇 | △ | 〇 | 〇
19.B.5 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇

Stealing Payment Data
20.A.1 | × | × | 〇 | × | × | 〇 | 〇 | × | 〇 | × | × | △ | × | △ | × | × | 〇 | ×
20.A.2 | × | 〇 | 〇 | × | 〇 | 〇 | 〇 | × | 〇 | 〇 | 〇 | 〇 | × | 〇 | 〇 | △ | 〇 | 〇
20.A.3 | × | 〇 | × | × | × | × | × | × | × | × | 〇 | × | × | × | 〇 | × | × | △
20.A.4 | × | 〇 | × | × | × | 〇 | × | × | × | △ | △ | × | × | × | 〇 | × | × | △
20.B.1 | △ | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | △ | △ | 〇 | 〇 | △ | △ | △ | △ | 〇 | 〇
20.B.2 | 〇 | × | 〇 | × | 〇 | × | × | 〇 | × | × | × | × | × | × | × | 〇 | × | 〇
20.B.3 | △ | 〇 | 〇 | △ | △ | 〇 | 〇 | 〇 | △ | △ | △ | 〇 | △ | 〇 | △ | △ | 〇 | △
20.B.4 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | △ | 〇 | 〇 | 〇 | 〇 | 〇 | 〇 | 〇
20.B.5 | × | 〇 | △ | × | △ | × | × | △ | △ | × | × | 〇 | × | △ | × | 〇 | × | ×
Vendor abbreviations (MF through VCB do not appear among the columns of this first-half table):
AL: AhnLab
Bf: Bitdefender
CP: Check Point
ci: Cisco
CS: CrowdStrike
Cr: Cybereason
CC: CyCraft
BC: BlackBerry Cylance
Cn: Cynet
El: Elastic
ES: ESET
Fi: Fidelis
FE: FireEye
Fo: Fortinet
F-S: F-Secure
GS: GoSecure
Mb: Malwarebytes
MA: McAfee
MF: Micro Focus
Ms: Microsoft
OT: Open Text
PA: Palo Alto
RQ: ReaQta
SO: SentinelOne
So: Sophos
Sy: Symantec
TM: Trend Micro
Up: Uptycs
VCB: VMware Carbon Black