All Questions
Tagged with splunk active-directory
1 question
0 votes, 1 answer, 60 views
How can I monitor a process being or arguments of a specific utility in my network?
Adversaries may use InstallUtil to proxy execution of code through a trusted Windows utility. It can also be used to bypass process whitelisting through use of attributes within the binary that ...