Detecttechnique
D3-CACertificate Analysis
Certificate Analysis
Definition
Analyzing Public Key Infrastructure certificates to detect if they have been misconfigured or spoofed using both network traffic, certificate fields and third-party logs.
Defends against6
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Technique | Application Layer Protocolt1071 | 100% | live |
| Technique | Exfiltration Over C2 Channelt1041 | 100% | live |
| SubTechnique | Asymmetric Cryptographyt1573.002 | 100% | live |
| SubTechnique | Exfiltration Over Asymmetric Encrypted Non-C2 Protocolt1048.002 | 100% | live |
| Technique | Steal or Forge Authentication Certificatest1649 | 100% | live |
| SubTechnique | Web Protocolst1071.001 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.