Detections
Analytics
Network Sniffing (Windows)
Description
Adversaries may sniff network traffic to capture information about an environment, including authentication material passed over the network.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | WMI | Network Configuration | Plugin ID: 24272 |
References
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Credential Access, Discovery
Technique: Network Sniffing
Sub-Technique: Network Sniffing
Platform: Windows
Products Required: Tenable Vulnerability Management
Tenable Release Date: 2022 Q2