messaging_threema

Explanation

The messaging_threema NDM is designed to detect the presence of Threema messaging application on the network. Threema is a secure messaging application that is commonly used by individuals and organizations to protect their communication from unauthorized access.

What to Look For

If this NDM is triggered, administrators should check if Threema is present on the network or any endpoints. They should examine the traffic and see whether it is originating from or directed towards Threema servers. This can help identify any potential security risks and vulnerabilities that need to be addressed. It is important to note that Threema traffic may appear as encrypted and this is normal for this application. Admins should also check their organization's security policies regarding the use of secure messaging applications and ensure that Threema usage is not violating those policies.