15 Aug
Base64-encoded payload detection rule on CrowdStrike
I am new to threat detection. I was figuring out a way for CrowdStrike Falcon to block the execution of malicious base64-encoded payloads on a Linux machine.
Wanted to know if setting a prevention policy for “script-based-execution” is able to detect this? Or if there's any other way to detect if a base64-encoded string was executed on a Linux machine?