Witch cathegory or signature MWG uses to identify Crypto Mining traffic (as CryptoNight, coinhive, etc)?
It's possible to block it globaly on MWG and create reports (or alert) to manage this kind of threat?
From what I've found sites like coinhive will be categorized as Resource Sharing and/or PUPs (potentially unwanted programs). coinhive belongs to both of these categories.
You can reference the category descriptions in the Trusted Source Category Set 4 referece:
I'm hoping that we'll see a category update in the near future that will include a specific category for this so we can identify these sites more explicitly.
So currently I would say if you're blocking resource sharing and PUPs you're probably blocking these sites and then you could create a report in Content Security Reporter for these categories.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center