Navigation :
Excessive Data Transmission
Description
Triggered when there is more than expected data transfer for a user or device. This anomaly will often be included in a data exfiltration attempt.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Insider Threat
Category
Data Exfiltration, Insider Threat
Alert Volume
Medium
(?)SPL Difficulty
None
Journey
Stage 6
MITRE ATT&CK Tactics
Exfiltration
MITRE ATT&CK Techniques
Exfiltration Over Alternative Protocol
Exfiltration Over C2 Channel
MITRE Threat Groups
APT3
APT32
Frankenstein
Gamaredon Group
Ke3chang
Kimsuky
Lazarus Group
MuddyWater
Sandworm Team
Soft Cell
Stealth Falcon
Wizard Spider
Data Sources
Network Communication