JP
James Pemberton
First rule: Sat Jun 15 2019 02:00:00 GMT+0200 (Central European Summer Time)
0rules authored
3sole author
2co-authored
Rule Types
By Severity
critical
0
high
1
medium
4
low
0
informational
0
By Status
stable
0
test
5
experimental
0
deprecated
0
unsupported
0
0
Total Rules
0
Stable Rules
0
High / Critical
0
Log Source Types
Recent RulesAll rules →
Usage Of Web Request Commands And Cmdlets - ScriptBlock
Thu Oct 24 2019 02:00:00 GMT+0200 (Central European Summer Time)
mediumDetection
Usage Of Web Request Commands And Cmdlets
Thu Oct 24 2019 02:00:00 GMT+0200 (Central European Summer Time)
mediumDetection
Potential Defense Evasion Via Binary Rename
Sat Jun 15 2019 02:00:00 GMT+0200 (Central European Summer Time)
mediumDetection
Suspicious Windows ANONYMOUS LOGON Local Account Created
Thu Oct 31 2019 01:00:00 GMT+0100 (Central European Standard Time)
highDetection
Potential Remote Desktop Connection to Non-Domain Host
Fri May 22 2020 02:00:00 GMT+0200 (Central European Summer Time)
mediumDetection
Browse all 5 rules by James Pemberton
Filter the full rule library to see only their contributions