Rules by Product and UseCase

October 24, 2023 · View on GitHub

Vendor: BeyondTrust

Rules	Models	MITRE ATT&CK® TTPs	Activity Types	Parsers
1	0	1	1	1

Event Type	Rules	Models
process-created	T1496 - Resource Hijacking ↳ A-EPA-Shadow-Mining-name: Process ending with 'miner.exe' has been run on this asset