Threat detection classification

  • Backdoor: a resource is compromised and capable of contacting its source home
  • Behavior: activity that differs from established baseline
  • Cryptocurrency: detected software associated with cryptocurrencies
  • Pentest: activity detected similar to that generated by known penetration testing tools
  • Persistence: established a presence in the environment
  • Recon: an attack is scoping out vulnerabilities by probing ports, listening, using database tables, etc.
  • Resource consumption: activity that differs from established baseline
  • Stealth: an attack is trying to hide its actions/tracks
  • Trojan: program detected carrying out suspicious activity
  • Unauthorized access: suspicious activity/pattern by unauthorized user

Viet Luu has written 318 articles
