Navigation :
First Time Seen Child Process of Zoom
Description
This search looks for child processes spawned by zoom.exe or zoom.us that has not previously been seen.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Security Monitoring
Category
Endpoint Compromise
Alert Volume
This search looks for child processes spawned by zoom.exe or zoom.us that has not previously been seen.
SPL Difficulty
None
Journey
Stage 3
Data Sources
Anti-Virus or Anti-Malware
Application Data
Endpoint Detection and Response
Windows Security