Elastic-Ban is a free-to-use collection of detections built for the Elastic SIEM. Feel free to add your own using the template!
net-recon-domain | net-domain-local | Powershell IEX | Powershell AD Check |