1 Answer
1
There are 2 types of DGA-related GuardDuty findings, i.e. DGADomainRequest.B and DGADomainRequest.C!DNS.
For this finding EC2/DGADomainRequest.B: it is based on analysis of domain names using advanced heuristics and may identify new DGA domains that are not present in threat intelligence feeds. If you believe the domain has been incorrectly identified, please raise a technical support ticket with AWS support.
For this finding DGADomainRequest.C!DNS: it is based on known DGA domains from GuardDuty's threat intelligence feeds.
Please refer to this link for additional details of the DGA-related findings.
answered 2 years ago
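An added triage example, not part of the original answer or any AWS code: it groups DGA findings by queried domain and records whether each domain was flagged by heuristics (`.B`), by the threat intelligence feed (`.C!DNS`), or both, so heuristic-only domains can be reviewed first. The field layout follows the GuardDuty `GetFindings` output; the sample findings, domains and instance IDs are constructed, and `triage` and `review_queue` are hypothetical helper names.

```python
# Detection basis of each DGA finding type, as described in the answer above.
DETECTION_BASIS = {
    "DGADomainRequest.B": "heuristic",
    "DGADomainRequest.C!DNS": "threat-intel",
}

def _finding(ftype, domain, instance, count):
    """Build a constructed finding, trimmed to the fields used below."""
    return {"Type": ftype,
            "Resource": {"InstanceDetails": {"InstanceId": instance}},
            "Service": {"Count": count,
                        "Action": {"DnsRequestAction": {"Domain": domain}}}}

# Constructed sample data (not real indicators).
SAMPLE_FINDINGS = [
    _finding("Trojan:EC2/DGADomainRequest.B", "qzxkvjwpl.example.", "i-0aaaaaaaaaaaaaaa1", 3),
    _finding("Trojan:EC2/DGADomainRequest.C!DNS", "QZXKVJWPL.example", "i-0aaaaaaaaaaaaaaa2", 1),
    _finding("Trojan:EC2/DGADomainRequest.B", "build-cache-7f3a.example", "i-0aaaaaaaaaaaaaaa1", 12),
    {"Type": "Recon:EC2/PortProbeUnprotectedPort", "Service": {"Count": 5}},
]

def detection_basis(finding_type):
    """Map a finding type (with or without its prefix) to its detection basis."""
    return DETECTION_BASIS.get(finding_type.rsplit("/", 1)[-1])

def triage(findings):
    """Group DGA findings by normalized domain; ignore every other finding type."""
    by_domain = {}
    for f in findings:
        basis = detection_basis(f.get("Type", ""))
        action = f.get("Service", {}).get("Action", {})
        domain = action.get("DnsRequestAction", {}).get("Domain")
        if basis is None or not domain:
            continue
        key = domain.lower().rstrip(".")  # DNS names are case-insensitive
        entry = by_domain.setdefault(
            key, {"basis": set(), "instances": set(), "count": 0})
        entry["basis"].add(basis)
        entry["count"] += f["Service"].get("Count", 1)
        instance = f.get("Resource", {}).get("InstanceDetails", {}).get("InstanceId")
        if instance:
            entry["instances"].add(instance)
    return by_domain

def review_queue(findings):
    """Domains flagged only by heuristics: candidates for manual review."""
    return sorted(d for d, e in triage(findings).items()
                  if e["basis"] == {"heuristic"})

if __name__ == "__main__":
    for name, info in triage(SAMPLE_FINDINGS).items():
        print(name, sorted(info["basis"]), sorted(info["instances"]), info["count"])
```

A domain that appears under both bases has feed corroboration for the heuristic hit; a heuristic-only domain is the case the answer suggests raising with AWS Support if it turns out to be legitimate.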
Finding a lot of this lately, does not seem very intelligent. Lots of false positives.