Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This query identifies A365 AI agents that send HTTP requests to endpoints using non-standard ports (other than 443). Communication over uncommon ports can indicate suspicious activity, unauthorized network communication, or attempts to bypass security controls. Such behavior may expose sensitive data or create opportunities for attackers to exploit less-monitored channels. Recommended Action: Review these agents to confirm whether using non-standard ports is necessary for the business scenario
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 9d0e1f2a-3b4c-5d6e-7f8a-9b0c1d2e3f4a |
| Tactics | CommandAndControl, Exfiltration |
| Techniques | T1071, T1041 |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/AI%20Agents/A365%20Connector/AIAgentsHTTPNonStandardPorts.yaml) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊