Vectra AI Japan、ITR発行の最新レポート内「NDR市場」にて国内トップシェアを獲得

詳細を見る

Research & Insights

Expert insights from Vectra AI data scientists, product engineers and security researchers empower your SOC analysts to make faster, smarter decisions.

Up-level your SOC with insights from security experts at Vectra AI, based on real-world experiences defending hybrid enterprise environments.

Join our security researchers, data scientists, and analysts as we share 11+ years of security-AI research and expertise with the global cybersecurity community.

See the Vectra AI Platform in action.

See how integrated signal from Vectra AI lets you see and stop sophisticated attacks other technologies miss.

Take the interactive tour

Resources

Breaking news and expert insights

Blue Team Workshops, on-demand webinars and global events near you

Join our security researchers, data scientists, and analysts as we share 11+ years of security-AI research and expertise with the global cybersecurity community.

Research reports, attack anatomies, white papers, guides, datasheets and customer stories

Demo Videos & Tours

See the Vectra AI Platform in action.

See how integrated signal from Vectra AI lets you see and stop sophisticated attacks other technologies miss.

Take the interactive tour

Company

See why we’re the world leader in AI security

Request an intro with a Vectra AI security expert

Deployment guides, knowledge base, release notes and security announcements

Join the team behind the world’s first AI-based cybersecurity platform

Breaking news from Vectra AI

Expert insight from security researchers, data scientists and engineers

Now Playing: 2024 State of Threat Detection and Response

Explore key insights from the 2024 State of Threat Detection and Response report, highlighting defender challenges, AI adoption, and the vendor disconnect.

Back to all detections

Command & Control

Threat Intelligence Match

Threat Intelligence Match

Possible Root Causes

Example Scenarios

Business Impact

Steps to Investigate

MITRE ATT&CK Techniques

Related Detections

Detection overview

Triggers

An internal host is connecting to an external system and the connection has met criteria specified in one or more configured threat feeds

Possible Root Causes

A host includes malware which is initiating the connection that triggered the detection • A user on the host manually initiated the connection which triggered the detection

Business Impact

Presence of command & control is a property of most attacks that originate from the outside
The threat intel feed may have included additional context tied to the specific criteria that the connection met
Business risk associated with outside control of an internal host is very high

Steps to Verify

Refer to the information accompanying your threat feed as it may include verification and remediation instructions
Determine which process on the internal host is sending the traffic which was flagged; in Windows systems, this can be done using a combination of netstat and tasklist commands
Check if a user has knowingly installed remote access software and decide whether the resulting risk is acceptable
Scan the computer for known malware and potentially reimage it, noting that some infections leave no trace on disk and reside entirely in memory

Threat Intelligence Match

Possible root causes

Malicious Detection

Benign Detection

Threat Intelligence Match

Example scenarios

Threat Intelligence Match

Business impact

If this detection indicates a genuine threat, the organization faces significant risks:

Threat Intelligence Match

Steps to investigate

Threat Intelligence Match

MITRE ATT&CK techniques covered

No items found.

Threat Intelligence Match

Related detections

No items found.

FAQs