Suspicious Domain Communication
Description
Triggered when a user visits a malicious or suspicious site. This classification is determined by NGFW categories.
Use Case
Advanced Threat Detection, Security Monitoring, Insider Threat
Category
Command and Control, Endpoint Compromise, Data Exfiltration
Alert Volume
Medium
SPL Difficulty
None
Journey
Stage 6
MITRE ATT&CK Tactics
Command and Control
MITRE ATT&CK Techniques
Custom Command and Control Protocol
Application Layer Protocol
Non-Application Layer Protocol
MITRE Threat Groups
APT29
APT3
APT32
APT37
Dragonfly 2.0
FIN6
Magic Hound
OilRig
PLATINUM
Rocke
Data Sources
Web Proxy