This analytic rule detects the creation or modification of registry values under Windows Update registry keys that disable Windows Update. This could indicate defense evasion by an adversary on a compromised host.

| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Malware Protection Essentials |
| ID | f1443a87-78d5-40c3-b051-f468f0f2def0 |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | DefenseEvasion |
| Techniques | T1562 |
| Required Connectors | CrowdStrikeFalconEndpointProtection, MicrosoftThreatProtection, SentinelOne, VMwareCarbonBlack, CiscoSecureEndpoint, TrendMicroApexOne, TrendMicroApexOneAma |