LetsDefend Monitoring Alert
Possible Data Exfiltration Detected
Jul, 24, 2023, 06:58 AM
Event ID: 169
Event Time: Jul, 24, 2023, 06:58 AM
Rule Name: SOC213 - Possible Data Exfiltration Detected
Alert Type: Data Leakage
MITRE Technique:
T1059 - Execution - Command and Scripting Interpreter
T1110 - Credential Access - Brute Force
T1041 - Exfiltration - Exfiltration Over C2 Channel
T1133 - Initial Access - External Remote Services
T1074 - Collection - Data Staged
Severity: High
Incident Responder