- 重要な情報
- アプリ内
- インフラストラクチャー
- アプリケーションパフォーマンス
- 継続的インテグレーション
- ログ管理
- セキュリティ
- UX モニタリング
- 管理
Detect execution of the nmap
network utility.
nmap
is a network utility commonly used by attackers to understand a victim’s network topology and vulnerabilities. After an attacker’s initial intrusion into a host (for example, through a web shell exploit, container breakout), they may attempt to use nmap
to do reconnaissance. This detection triggers when an execution of nmap
is detected on a system. If this is unexpected behavior, it could indicate an attacker attempting to compromise your systems.
nmap
and whether this is allowed or expected behavior.Requires Agent version 7.27 or greater