Indicators of Compromise
Predefined Policies and Classifiers | Data Security Solutions | Version 7.8.x
*
Identifies traffic that is thought to be malware "phoning home" or attempting to steal information. Detection is based on the analysis of traffic patterns from known infected machines. Applies only when Web Security Gateway is installed. Rules in this policy include:
*
*
*
*
Policy for the detection of suspected malicious content dissemination, such as encrypted or manipulated information, password files, credit card tracks, suspected applications, and dubious content such as information about the network, software license keys, and database files. The rules for this policy are:
*
*
*
*
*
*
*
*
*
Policy for the detection of desktop encrypted files. It should be complemented with the unknown file type policy to cover unknown encryption formats. The rules for this policy are:
*
*
*
*
*
*
*
*
*
*
*
*
Searches for outbound password files, such as the SAM database and UNIX/Linux password files. The rules for this policy are:
*
*
*
*
*
*

Copyright 2016 Forcepoint LLC. All rights reserved.