APT Detection

Shared by Ryan Wright
Advanced

This APT (Advanced Persistent Threat) detection recipe ingests EDR (Endpoint Detection and Response) and network traffic logs, while monitoring for an IoB (Indicator of Behavior) that matches malicious data exfiltration patterns.

Download the sample data to the same directory as Quine.

To run this recipe:

 java -jar quine-x.x.x.jar -r apt-detection
