Navigation :
Infected Host
Description
This threat looks for a suspicious first step such as a suspicious powershell command or USB insertion.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection, Security Monitoring
Category
Adversary Tactics, Endpoint Compromise, Malware
Alert Volume
Low
(?)SPL Difficulty
None
Journey
Stage 4
Data Sources
Windows Security
Host-based IDS
Network Communication
Anti-Virus or Anti-Malware
DNS
IDS or IPS
Authentication
DLP
Email
Endpoint Detection and Response
Web Proxy