Jack-McDowell
commented
3 years ago Squash this merge
Closed Jack-McDowell closed 3 years ago
Jack-McDowell
commented
3 years ago Squash this merge
Jack-McDowell
commented
3 years ago Things I'd like fixed:
* [ ] Seeing several instances where detections have First Evidence at 1601-01-01 00:00:00.0Z * [ ] investigation to very long running T1055 (see AWS)
These are both issues that are unrelated to this PR. This PR is just to properly segment hunts. Those can be fixed separately.
Merits more testing, especially with monitor mode