Detectsubtechnique
D3-PCAPassive Certificate Analysis
Definition
Collecting host certificates from network traffic or other passive sources like a certificate transparency log and analyzing them for unauthorized activity.
Defends against6
| Type | Target | Confidence | Tier |
|---|---|---|---|
| SubTechnique | Web Protocolst1071.001 | 100% | live |
| Technique | Exfiltration Over C2 Channelt1041 | 100% | live |
| SubTechnique | Asymmetric Cryptographyt1573.002 | 100% | live |
| SubTechnique | Exfiltration Over Asymmetric Encrypted Non-C2 Protocolt1048.002 | 100% | live |
| Technique | Steal or Forge Authentication Certificatest1649 | 100% | live |
| Technique | Application Layer Protocolt1071 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.