About C2_10a (T1071.001) Detected on the server

Endpoint appears as malicious behavior, but shouldn't detecting c2 be the purview of IPS? Why is it showing malicious behavior?

Or is the ips module already involved?



Added Tags
[edited by: GlennSen at 12:24 PM (GMT -7) on 3 Oct 2024]
Parents Reply Children