DETECTION OVERVIEW

Data Exfiltration Activity

Risk Factors

Attackers frequently seek valuable data to steal, and data can be easily transferred without advanced tools or techniques. After valuable data is successfully exfiltrated, there can be significant negative effects on the reputation and revenue of an organization.

The system might change the risk score for this detection.

Kill Chain

Actions on Objective

Risk Score

Attack Background

Attackers often target valuable data to steal, such as sensitive customer data, financial information, or trade secrets. Data exfiltration is the transfer of valuable data to unauthorized users outside of the network. Data can be exfiltrated by employees with authorized access to critical assets, or by attackers who gain unauthorized access to critical assets through malware or an exploit. Large amounts of data are often transferred outside of the network over protocols such as HTTP, SSH, FTP, or SMTP. However, attackers are more frequently encrypting transferred data to hide their activity.

Mitigation Options

Implement strict rules for outbound traffic on devices that contain valuable data

Implement strict audit controls on important documents that log every action taken on the document

Professional Services

Partners

Partner Login

Partner Finder

View All Use Cases

View All Industries

View All Integrations

Attack Background

Mitigation Options

MITRE ATT&CK ID

What else can RevealX do for you?

View our Periodic Table of use cases