Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query identifies A365 AI agents that send HTTP requests to endpoints using non-standard ports (other than 443). Communication over uncommon ports can indicate suspicious activity, unauthorized network communication, or attempts to bypass security controls. Such behavior may expose sensitive data or create opportunities for attackers to exploit less-monitored channels. Recommended Action: Review these agents to confirm whether using non-standard ports is necessary for the business scenario
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 9d0e1f2a-3b4c-5d6e-7f8a-9b0c1d2e3f4a |
| Tactics | CommandAndControl, Exfiltration |
| Techniques | T1071, T1041 |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
AIAgentsInfo |
? | ✗ | ? |
IdentityInfo |
✓ | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊