List FileZilla SFTP Activity Not Blocked By Symantec Endpoint Protection
Description This KQL query lists all FileZilla SFTP events that Symantec Endpoint Protection detected but did not block and a
Read MoreLearn by building. Master by breaking. Secure by obsession.
Learn by building. Master by breaking. Secure by obsession.
Description This KQL query lists all FileZilla SFTP events that Symantec Endpoint Protection detected but did not block and a
Read MoreDescription This KQL query lists all Adware events that Symantec Endpoint Protection detected but did not block and a summary
Read MoreDescription This KQL query lists all Ngrok events that Symantec Endpoint Protection detected but did not block and a summary
Read MoreDescription This KQL query lists all malicious scan attempt events that Symantec Endpoint Protection detected but did not block and
Read MoreDescription This KQL query lists all connections to potential and malicious websites events that Symantec Endpoint Protection detected but did
Read MoreDescription This KQL query detects Persistence events that have been performed by a user at risk, this is done based
Read MoreDescription This KQL query detects discovery events that have been performed by a user at risk, this is done based
Read MoreDescription The Windows Antimalware Scan Interface (AMSI) is a versatile interface standard that allows your applications and services to integrate
Read MoreDescription Adversaries may gather information on Group Policy settings to identify paths for privilege escalation, security measures applied within a
Read More