Egress filtering monitors and restricts outbound network traffic — blocking data exfiltration, C2 communications, and unauthorized external connections from internal systems.
Most organizations focus on ingress (inbound). Egress filtering catches compromised internal systems calling home. Block unnecessary outbound ports; DNS and HTTPS egress filtering detect C2 tunneling.