[Use case] Detecting cryptocurrency wallet software
Hello all,

In this series of posts, we'll share various product use cases, their importance, and how the product can be used to solve them. In this post, we look at the correlation rule to detect cryptocurrency wallet software within your organization.

Rule name: Cryptocurrency wallet software started

What the rule detects: This rule detects the running of several common cryptocurrency wallet software on your organization's devices.

Why the rule is useful: Cryptocurrency mining and trading have become
[Use case] Detecting suspicious service installations
Hello all,

In this series of posts, we'll share various product use cases, their importance, and how the product can be used to solve them. In this post, we look at the correlation rule to detect suspicious service installations.

Rule name: Suspicious service installed

What the rule detects: This rule identifies malicious services running on your organization's devices.

Why the rule is useful: At any given time, a Windows machine runs several services, all of which are required to accomplish several
[Use case] Detecting suspicious software installations
Hello all,

In this series of posts, we'll share various product use cases, their importance, and how the product can be used to solve them. In this post, we look at the correlation rule to detect suspicious software installations.

Rule name: Suspicious software installed

What the rule detects: This correlation rule allows you to detect potentially malicious software installed within your organization.

Why the rule is useful: Since organizations use hundreds of applications, it's very easy for an isolated