[New] Microsoft Management Console File from Unusual Path - Githubissues

elastic / detection-rules

https://www.elastic.co/guide/en/security/current/detection-engine-overview.html

Other

1.85k stars 462 forks source link

[New] Microsoft Management Console File from Unusual Path #3834

Closed Samirbous closed 6 days ago

Samirbous commented 6 days ago

broader rule to detect msc file opened from unusual paths.