Rule Info
Name
Potential Malicious Usage of CloudTrail System Manager
Author
jamesc-grafana
Description
Detect when System Manager successfully executes commands against an instance.
Date
2024-07-11 00:00:00
Modified
None
Id
38e7f511-3f74-41d4-836e-f57dfa18eead
Tags
attack.privilege-escalation attack.t1566 attack.t1566.002 DEMO
Type
Community Rule
Link to Public Repo
Scan your endpoints, forensic images or collected files with our portable scanner THOR