Increase in DNS Requests by client than the daily average count (ASIM DNS Solution)

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Checking for a threefold increase or more in Full Name lookups per client IP for today vs. the daily average for the previous week.

Attribute	Value
Type	Hunting Query
Solution	DNS Essentials
ID	b31b5d70-4c75-4a5f-8af7-6a83f6eb372c
Tactics	CommandAndControl, Exfiltration
Techniques	T1568, T1008, T1048
Source	View on GitHub

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Hunting Queries · Back to DNS Essentials