mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-14 06:54:57 +03:00
20 lines
484 B
Markdown
# Fileless Attack Detection Template
## Telemetry Status

| Source | Enabled | Event IDs |
|--------|---------|-----------|
| Sysmon | Yes/No | 1,7,8,10,19,20,21 |
| PowerShell Script Block | Yes/No | 4104 |
| AMSI | Yes/No | 1116 |

## Detection Rules

| Rule Name | Technique | SIEM Query | Status |
|-----------|-----------|-----------|--------|
| | T1059.001 | | Active/Draft |

## Sign-Off

| Role | Name | Date |
|------|------|------|
| Detection Engineer | | |
| SOC Lead | | |