Navigation :
Anomalous New Process
Description
Alerts when an anomalous number hosts are detected with a new process.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection
Category
Endpoint Compromise, Unauthorized Software
Alert Volume
Alerts when an anomalous number hosts are detected with a new process.
SPL Difficulty
Advanced
Journey
Stage 3
MITRE ATT&CK Tactics
Execution
MITRE ATT&CK Techniques
Service Execution
Execution
Service Execution
MITRE Threat Groups
APT32
APT39
APT41
Blue Mockingbird
FIN6
Honeybee
Ke3chang
Silence
Wizard Spider
Data Sources
Endpoint Detection and Response