Process Names and Descriptions
By examining the running processes, hackers can identify enterprise security-related processes (e.g., antivirus, endpoint detection and response (EDR) tools, SIEM agents).
Example: CrowdStrike
Code:
cd logs; grep -H "crowdstrike" *
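From the defender's side, the same search leaves a trace in process-creation logs. The following is an added example, not code from the original page: it flags logged command lines that run a listing or search tool and mention a security-product name. The log format, the tool list and every keyword other than "crowdstrike" are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: flag command lines that search for security-product names.
# "crowdstrike" comes from the page; the other keywords are the generic
# categories the page names (antivirus, EDR, SIEM). Extend for your estate.
KEYWORDS='crowdstrike|antivirus|edr|siem'
# Tools used to list or search processes and logs (assumed list).
TOOLS='grep|pgrep|ps|tasklist|findstr'

# Constructed sample of process-creation log lines (hypothetical format).
sample_log() {
cat <<'EOF'
2024-05-01T10:00:01 user=alice cmd=ps aux
2024-05-01T10:00:07 user=www-data cmd=cd logs; grep -H "crowdstrike" *
2024-05-01T10:01:12 user=www-data cmd=ps aux | grep -i edr
2024-05-01T10:02:30 user=root cmd=systemctl restart nginx
2024-05-01T10:03:02 user=bob cmd=vim notes-on-crowdstrike-rollout.txt
2024-05-01T10:04:00 user=www-data cmd=pgrep -fl antivirus
2024-05-01T10:05:45 user=carol cmd=grep -r Pedro users.csv
EOF
}

# Read log lines on stdin; print those whose command both invokes one of
# TOOLS and contains one of KEYWORDS as a whole word. The word boundary
# keeps "edr" from matching inside "Pedro".
flag_security_tool_discovery() {
  grep -Ei "cmd=(.*[^[:alnum:]_-])?(${TOOLS})([^[:alnum:]_-]|\$)" \
    | grep -Ei "cmd=(.*[^[:alnum:]])?(${KEYWORDS})([^[:alnum:]]|\$)"
}

# Number of flagged lines in the constructed sample.
count_sample_hits() {
  sample_log | flag_security_tool_discovery | wc -l | tr -d ' '
}

# Stand-alone run: show the flagged lines.
sample_log | flag_security_tool_discovery
```

Requiring both a tool and a keyword keeps ordinary `ps aux` runs and documents that merely mention a product name out of the results.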