Mirrors/keyboardcrunch-sentinelone-attack-queries
1
0
Fork 0
mirror of https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries synced 2026-06-08 17:17:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
keyboardcrunch
2020-09-16 18:04:11 -05:00
committed by GitHub
parent a2fd422766
commit a758a042c5
1 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+7 -2
View File
@@ -3,10 +3,15 @@ MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
This project aims to document SentinelOne Deep Visibility queries for detecting Windows TTPs generated by Red Canary Co's Atomic Red Team framework. These queries have been crafted and tested on Liberty console release and should support Deep Visibility 3.0. Recommending that your Sentinel Agents be on 4.2.x or newer, as some of the indicators data being queried is only collected by newer agents.
## Tactics (IN PROGRESS)
## Tactics (COMPLETED)
[Privilege Escalation](https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries/blob/master/PrivilegeEscalation.md)
[Initial Access](https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries/blob/master/InitialAccess.md)
## Tactics (IN PROGRESS)
[Defense Evasion](https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries/blob/master/DefenseEvasion.md)
@@ -29,4 +34,4 @@ This project aims to document SentinelOne Deep Visibility queries for detecting
[Lateral Movement]()
[Initial Access]()