Suspicious Data Collection

Description

This threat is generated when a user (or group of users) exhibits behavior indicating that they are involved in data collection.

Use Case

Advanced Threat Detection, Security Monitoring, Insider Threat

Category

Adversary Tactics, Endpoint Compromise, Insider Threat, Malware

Alert Volume

Low

Data Availability

Bad

Journey

Stage 6

Data Sources

Box
Network Communication
Host-based IDS
IDS or IPS
Endpoint Detection and Response
Application Data
Web Proxy
Anti-Virus or Anti-Malware
DLP
Email