Detections
Analytics
Exploitation for Defense Evasion (Windows)
Description
Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Unauthenticated or Authenticated Scan | Any | Vulnerabilities |
Notes: This technique is not creating an attack path, rather a glyph on the computer node
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Defense Evasion
Technique: Exploitation for Defense Evasion
Sub-Technique: Exploitation for Defense Evasion
Platform: Windows
Products Required: Tenable Vulnerability Management
Tenable Release Date: 2022 Q3