Ecco
First rule: Sat Jun 15 2019 02:00:00 GMT+0200 (Central European Summer Time)
0 rules authored
1 sole author
9 co-authored
Rule Types

By Severity
critical: 1
high: 7
medium: 2
low: 0
informational: 0

By Status
stable: 4
test: 6
experimental: 0
deprecated: 0
unsupported: 0

Total Rules: 0
Stable Rules: 0
High / Critical: 0
Log Source Types: 0

Recent Rules

Potential Defense Evasion Via Binary Rename
Sat Jun 15 2019 02:00:00 GMT+0200 (Central European Summer Time)
medium | Detection

Suspicious Eventlog Clearing or Configuration Change Activity
Thu Sep 26 2019 02:00:00 GMT+0200 (Central European Summer Time)
high | Detection

Dbghelp/Dbgcore DLL Loaded By Uncommon/Suspicious Process
Sun Oct 27 2019 02:00:00 GMT+0200 (Central European Summer Time)
medium | Threat Hunt

Meterpreter or Cobalt Strike Getsystem Service Installation - Security
Sat Oct 26 2019 02:00:00 GMT+0200 (Central European Summer Time)
high | Detection

Meterpreter or Cobalt Strike Getsystem Service Installation - System
Sat Oct 26 2019 02:00:00 GMT+0200 (Central European Summer Time)
high | Detection

Fsutil Suspicious Invocation
Thu Sep 26 2019 02:00:00 GMT+0200 (Central European Summer Time)
high | Detection

Browse all 10 rules by Ecco