Introducing C2 Detection: Know When Your Edge Devices Are Calling Home to Attackers
ATT&CK techniques detected
T1071.001Web Protocols
60%
"introducing c2 detection : know when your edge devices are calling home to attackers when a firewall gets exploited, nothing happens, at least, nothing you can see. no edr alert. no endpoint log. the device just quietly reaches out to an attacker - controlled server, downloads a …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1071.001Web Protocols
46%
"their kill chain so your response matches the actual risk. two signals. one answer : you ’ re compromised c2 detection strengthens a use case greynoise customers already know, detecting compromised assets by adding a second, independent signal : - signal a ( existing ) : your org…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1071.001Web Protocols
31%
"from edge devices and match destination ips against the greynoise callback dataset. if there ' s a hit, the attack stage tells you how serious it is and what to do next. - enrich your siem and soar with callback context. pull callback stage and metadata via the api and use it to …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
We're launching C2 Detection — a new GreyNoise intelligence module that gives you two distinct, high-confidence signals that a device in your environment has been compromised.