Building a Sentinel Detection Lab, Part 8: Watching for Agents, Not Just Attackers
Repo: github.com/Kajal-Dhanjal/sentinel-detection-lab
Most process-lineage detections in SOC content are written to catch attackers—Office spawning PowerShell, a browser spawning cmd.exe. Part 8 is th
kajalbuilds.hashnode.dev4 min read