Network Connection Telemetry #28

Open
Brandon7CC opened this issue Jun 1, 2023 · 1 comment
Labels
accepted-request This feature request has been initially accepted. We'll start digging. rc-mac-feature-request

Comments

@Brandon7CC
Contributor

At a high level -- can you summarize your request?

  • Network connection telemetry request from @jkennedyvz.
  • Add domain-level netconns and correlate to process telemetry

What is the current alternative solution?

  • EDR
  • Wireshark
  • Little Snitch

Are there "In-the-Wild" threats or corresponding ATT&CK techniques that exist for which this telemetry would be helpful?

  • Lots 😁

Anything else?
N/A

@Brandon7CC Brandon7CC self-assigned this Jun 1, 2023
@Brandon7CC Brandon7CC added the accepted-request This feature request has been initially accepted. We'll start digging. label Jun 1, 2023
@jkennedyvz

Background for this and #26:
I'd like to demonstrate experiments for implant detection such as this using pandas/scipy/jupyter, and without relying on software that is inaccessible to individuals.
