Excessive Downloads via VPN

Excessive Downloads via VPN

Description

This is a subset of the Excessive Data Transmission anomaly that looks only at volume of downloaded data while on VPN.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Advanced Threat Detection, Security Monitoring, Insider Threat

Category

Account Compromise, Data Exfiltration, Insider Threat, Zero Trust

Alert Volume

Medium

Data Availability

Bad

Journey

Stage 3

MITRE ATT&CK Tactics

Exfiltration

MITRE ATT&CK Techniques

Exfiltration Over Other Network Medium

Data Sources

Network Communication