Technical Library | Support

Go to the previous page Go to the next page View or print as PDF
TRITON AP-DATA Predefined Policies and Classifiers > Discovery policies > Indicators of Compromise
Indicators of Compromise
Predefined Policies and Classifiers | TRITON AP-DATA | Version 8.3.x
*
Suspected Malicious Dissemination for Discovery
Policy for the detection of a suspected malicious content dissemination such as: encrypted or manipulated information, passwords files, credit card tracks, suspected applications and dubious content such as information about the network, software license keys, and database files. The rules for this policy are:
*
Counter Malicious: Dubious Content
*
Counter Malicious: Encrypted files (known format)
*
Counter Malicious: Generic Encryption Detection
*
Counter Malicious: Generic Encryption Detection (Wide)
*
Counter Malicious: Malicious Concealment
*
Counter Malicious: Password files
*
Counter Malicious: Password Information
*
Counter Malicious: Suspected Applications (Steganography and Encryption)
*
Suspicious Data Concealment Applications
Policy for detection of data concealment applications. The rule for this policy is:
*
Suspicious data concealment applications: Steganography applications

Go to the previous page Go to the next page View or print as PDF
TRITON AP-DATA Predefined Policies and Classifiers > Discovery policies > Indicators of Compromise
Copyright 2016 Forcepoint LLC. All rights reserved.