Mirrors/keyboardcrunch-sentinelone-queries
1
0
Fork 0
mirror of https://github.com/keyboardcrunch/sentinelone-queries synced 2026-06-09 09:27:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixed false pos

Browse Source
This commit is contained in:
keyboardcrunch
2020-12-06 01:09:10 -06:00
parent a7503f04a6
commit 4d4b09a627
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
queries/linux/local_account_added_nix.yml
+2 -1
View File
@@ -9,6 +9,7 @@ mitre:
subtechnique: subtechnique:
operating_system: linux operating_system: linux
query: SrcProcCmdLine In Contains Anycase ("useradd") query: SrcProcCmdLine In Contains Anycase ("useradd")
false_positives: General account maintenance. false_positives:
- General account maintenance.
tags: tags:
references: references: