ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

PR027.004

Cloning or Forging ID Cards for Physical Access - AR3

Contributor: The ITM Team @ - Subsection PR027.004
AF022.001

Use of a Virtual Machine - AR5

Contributor: The ITM Team @ - Subsection AF022.001
AF022.003

Portable Hypervisors - AR5

Contributor: The ITM Team @ - Subsection AF022.003
AF022.004

Snapshots and Rollbacks to Remove Evidence - AR5

Contributor: The ITM Team @ - Subsection AF022.004
IF022.005

Media Leak - AR4

Contributor: The ITM Team @ - Subsection IF022.005
ME024.006

Access to Sensitive Organization Data - AR2

Contributor: The ITM Team @ - Subsection ME024.006
PR028.001

Capture via Screenshot - AR3

Contributor: The ITM Team @ - Subsection PR028.001
PR028.002

Capture via Screen Recording - AR3

Contributor: The ITM Team @ - Subsection PR028.002
AF001.003

PYTHONHISTORY Environment Variable Null - AR5

Contributor: The ITM Team @ - Subsection AF001.003
IF001.007

Exfiltration via Collaboration Platform - AR4

Contributor: The ITM Team @ - Subsection IF001.007
12...26272829303132...4445