mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 21:54:56 +03:00
484 B
Fileless Attack Detection Template
Telemetry Status
| Source | Enabled | Event IDs |
|---|---|---|
| Sysmon | Yes/No | 1,7,8,10,19,20,21 |
| PowerShell Script Block | Yes/No | 4104 |
| AMSI | Yes/No | 1116 |
Detection Rules
| Rule Name | Technique | SIEM Query | Status |
|---|---|---|---|
| | T1059.001 | | Active/Draft |
Sign-Off
| Role | Name | Date |
|---|---|---|
| Detection Engineer | | |
| SOC Lead | | |