Product: SonicWALL Aventail
Use-Case: Data Leak via Removable Device
Rules | Models | MITRE TTPs | Event Types | Parsers |
---|---|---|---|---|
1 | 1 | 1 | 2 | 2 |
Event Type | Rules | Models |
---|---|---|
vpn-logout | T1052.001 - Exfiltration Over Physical Medium: Exfiltration over USB ↳ UW-BSum: Abnormal amount of data written to USB |
• UW-BSum: Sum of bytes written to USB |