cchansk
cchansk
Recently, after restarting the service and updating to a new version (2.35.0), I started seeing having certain issues with my Gigamon SSL session logs where 8 different devices with different...
Is there any reason for the "[[T1055] Process Injection]" and "[[T1055] Process Injection - CobaltStrike]" saved searches to not have the "| `process_create_whitelist`" in it and abide by the whitelist?
**Was the issue replicated by support?** n/a **What is the sc4s version ?** 2.49.8 **Is there a pcap available?** Can be made available **Is the issue related to the environment...