Detect subtechnique

D3-ACA Active Certificate Analysis

Definition

Actively collecting PKI certificates by connecting to the server and downloading its server certificates for analysis.

Defends against · 6

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| Technique | Exfiltration Over C2 Channel (t1041) | 100% | live |
| SubTechnique | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol (t1048.002) | 100% | live |
| Technique | Application Layer Protocol (t1071) | 100% | live |
| Technique | Steal or Forge Authentication Certificates (t1649) | 100% | live |
| SubTechnique | Asymmetric Cryptography (t1573.002) | 100% | live |
| SubTechnique | Web Protocols (t1071.001) | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence: Certificate Analysis
Defence: Passive Certificate Analysis
Defence: Connection Attempt Analysis
Defence: Application Protocol Command Analysis
Defence: Identifier Activity Analysis
Defence: Administrative Network Activity Analysis

Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.