Web Uploads to Non-corporate Sites by Users

Description

Alerts on high volume web uploads by a user to non-corporate domains.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Compliance, Insider Threat, Advanced Threat Detection

Category

Data Exfiltration, Insider Threat, GDPR

Alert Volume

Alerts on high volume web uploads by a user to non-corporate domains.

SPL Difficulty

Advanced

Journey

Stage 2

MITRE ATT&CK Tactics

Exfiltration
Command and Control
Defense Evasion

MITRE ATT&CK Techniques

Exfiltration Over Alternative Protocol
Web Service

MITRE Threat Groups

Chimera
FIN6
Gamaredon Group
Inception
Rocke

Data Sources

Web Proxy

   GDPR Relevance

While not explicitly required for GDPR, this capability is often seen as a part of maintaining State of the Art Security and supports GDPR requirements.