Monitor and analyze network traffic patterns to identify malicious activity, data exfiltration, and command-and-control communications.
Implementation Guidance
- Deploy network monitoring at key chokepoints
- Baseline normal traffic patterns
- Configure alerts for anomalies
- Capture metadata for forensics
- Integrate with SIEM for correlation
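The baselining and alerting steps above, as an added example that is not from the original page or from any tool it lists: it flags fixed-interval connection timing (a common beacon trait) and outbound volume above a per-host baseline. The flow records, baseline values, thresholds and function names are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flows: (epoch_seconds, src_ip, dst_ip, bytes_sent).
# Field choice mirrors what a flow log such as Zeek's conn.log records.
FLOWS = (
    [(1000 + 60 * i, "10.0.0.5", "203.0.113.7", 300) for i in range(10)]  # fixed 60 s cadence
    + [(t, "10.0.0.8", "198.51.100.2", 5000) for t in (1003, 1040, 1210, 1290, 1700, 1712, 2400)]
)

# Constructed baseline: bytes sent per day by each host over prior days.
BASELINE = {
    "10.0.0.5": [40_000, 42_000, 39_000, 41_000, 40_500],
    "10.0.0.8": [900_000, 1_100_000, 950_000, 1_000_000, 1_050_000],
}
TODAY = {"10.0.0.5": 41_000, "10.0.0.8": 9_000_000}

def interval_cv(timestamps):
    """Coefficient of variation of inter-arrival gaps; near 0 means clockwork timing."""
    ts = sorted(timestamps)
    if len(ts) < 2:
        return float("inf")  # a single connection has no cadence to measure
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    avg = mean(gaps)
    return pstdev(gaps) / avg if avg else 0.0

def find_beacons(flows, min_conns=6, max_cv=0.1):
    """Return (src, dst) pairs whose connection timing is suspiciously regular."""
    by_pair = defaultdict(list)
    for ts, src, dst, _ in flows:
        by_pair[(src, dst)].append(ts)
    return sorted(p for p, ts in by_pair.items()
                  if len(ts) >= min_conns and interval_cv(ts) <= max_cv)

def find_volume_anomalies(baseline, today, k=3.0):
    """Return hosts whose outbound bytes exceed baseline mean + k standard deviations."""
    alerts = []
    for host, sent in today.items():
        history = baseline.get(host)
        if not history or len(history) < 2:
            continue  # no baseline yet: cannot judge this host
        if sent > mean(history) + k * pstdev(history):
            alerts.append(host)
    return sorted(alerts)

if __name__ == "__main__":
    print("beacon candidates:", find_beacons(FLOWS))
    print("volume anomalies:", find_volume_anomalies(BASELINE, TODAY))
```

Regular timing alone also matches benign software such as update checkers and NTP clients, so results like these are candidates for SIEM correlation rather than verdicts.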
Tools & Technologies
- Zeek (Bro)
- Suricata
- Darktrace
- ExtraHop
- Cisco Stealthwatch
AI Enhancements
- ML-based traffic anomaly detection
- AI-powered C2 beacon identification
- Deep learning for encrypted traffic analysis
ATT&CK Techniques Countered
This defensive technique helps protect against the following adversary techniques: