Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This query identifies Copilot Studio AI agents that send HTTP requests to endpoints using non-standard ports (other than 443). Communication over uncommon ports can indicate suspicious activity, unauthorized network communication, or attempts to bypass security controls. Such behavior may expose sensitive data or create opportunities for attackers to exploit less-monitored channels. Recommended Action: Review these agents to confirm whether using non-standard ports is necessary for the busines
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 6f1a5b7c-8d9e-0f1a-2b3c-4d5e6f7a8b9c |
| Tactics | CommandAndControl, Exfiltration |
| Techniques | T1071, T1041 |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/AI%20Agents/Copilot%20Studio%20Connector/AIAgentsHTTPNonStandardPorts.yaml) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊