Find processes by name, hostname, and username.
Find processes by reputational threat level.
Find all processes by name and by reputation.
Group by Linux process permissions and process name.
Group by processes running on unique hosts.
Find Mimikatz by hostname and parent process command line.
Find MMC launching ADUC by endpoint and username.
Find Microsoft Management Console and its command line.
Find processes that contain a specific word in their command line and/or by hostname.
Find Netstat processes by hostname and command line.
Find ping process by hostname and command line.
Find hosts with psexec or psexecsvc running as either the parent or child process.
Find all unique assets with chosen software running.
Logs available in the Endpoint Activity log set.
Query EET data with the Endpoint Activity log set.