diff --git a/DefenseEvasion.md b/DefenseEvasion.md index 4400dc5..47993e4 100644 --- a/DefenseEvasion.md +++ b/DefenseEvasion.md @@ -34,6 +34,8 @@ Atomics: [T1070.001](https://github.com/redcanaryco/atomic-red-team/blob/master/ ### T1027.004 Compile After Delivery Atomics: [T1027.004](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1027.004/T1027.004.md) +Both Atomic tests for this technique leverage csc.exe for compilation of code. The below will detect specific compilation of executables as well as dynamic compilation through detection of csc.exe creating executable files (both dll and exe). + ``` (TgtProcName = "csc.exe" AND SrcProcCmdLine Contains "/target:exe") OR (SrcProcName = "csc.exe" AND TgtFileIsExecutable = "true" AND SrcProcParentName Not In ("svchost.exe","AbtSvcHost_.exe")) ```
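Review bot: In the first clause of the added query, `TgtProcName = "csc.exe"` is paired with `SrcProcCmdLine Contains "/target:exe"`, which compares the command line of the source (parent) process rather than of csc.exe itself; if the intent is to match the compiler invocation, that condition should read `TgtProcCmdLine Contains "/target:exe"`, otherwise the clause only fires when the parent's own command line happens to contain the flag. Two smaller points on the same hunk: the `/target:exe` match is narrow (it misses the `/t:exe` short form and `/target:winexe`), so consider matching on `/target:` or `/t:` more loosely if the field supports it; and the parent-name exclusion `Not In ("svchost.exe","AbtSvcHost_.exe")` in the second clause carries no explanation of why those parents are treated as benign dynamic-compilation hosts, so a sentence in the prose above the query documenting that tuning would help future readers judge whether the exclusion still holds in their environment.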