Recommended EDR alert notification rules

Exec or script downloaded via browser

Process

w3wp.exe,cmdl32.exe,httpd.exe,tomcat6.exe,tomcat7.exe,tomcat8.exe,tomcat9.exe,tomcat.exe,tomcat10.exe,msedge.exe,firefox.exe,chrome.exe,iexplore.exe,opera.exe,putty.exe,filezilla.exe,brave.exe,chromium.exe

File written

*.exe,*.msi,*.iso,*.img,*.ps1,*.psm,*.zip,*.rar,*.arc,*.7z,*.tar,*.vbs,*.wasm,*.vbe,*.vb,*.wsf,*.jar,*.ps,*.com*.cab,*.cmd,*.bat,*.cpl,*.lnk,*.reg,*.vbscript,*.ws,*.chm,*.py,*.svg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

EDR-Notification.md

EDR-Notification.md

Recommended EDR alert notification rules

Exec or script downloaded via browser

Process

File written

Files

EDR-Notification.md

Latest commit

History

EDR-Notification.md

File metadata and controls

Recommended EDR alert notification rules

Exec or script downloaded via browser

Process

File written