
Base64-encoded payload detection rule on CrowdStrike

Çağlar Arlı

I am new to threat detection. I was figuring out a way for CrowdStrike Falcon to block the execution of malicious base64-encoded payloads on a Linux machine.

I wanted to know if a prevention policy setting for “script-based-execution” is able to detect this? Or if there's any other way to detect if a base64-encoded string was executed on a Linux machine?
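As an added example (not part of the original post, and not a CrowdStrike Falcon rule or API), the following sketches vendor-neutral detection logic for the second question: it flags process command lines that pipe a base64 decoder into an interpreter, or that carry a base64 argument which decodes to printable text. The command lines are constructed samples; the function and pattern names are hypothetical, and the input is assumed to come from whatever process-execution telemetry is available.

```python
import base64
import binascii
import re

# Decoder output piped straight into a shell or script interpreter.
DECODE_PIPE = re.compile(
    r"\bbase64\s+(?:-d|--decode)\b[^|]*\|\s*(?:sudo\s+)?(?:\S*/)?"
    r"(?:(?:ba|z|da)?sh|python[23]?|perl)\b"
)
# Candidate base64 tokens; 24 characters is an assumed threshold to limit noise.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

def decode_printable(token):
    """Return the decoded text if token is valid base64 of printable ASCII, else None."""
    if len(token) % 4:
        return None
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    if raw and all(32 <= b < 127 or b in (9, 10, 13) for b in raw):
        return raw.decode("ascii")
    return None

def inspect(cmdline):
    """Return a list of findings for one process command line."""
    findings = []
    if DECODE_PIPE.search(cmdline):
        findings.append("decode-piped-to-interpreter")
    for token in B64_TOKEN.findall(cmdline):
        text = decode_printable(token)
        if text is not None:
            # Record the decoded content so an analyst can triage it.
            findings.append("base64-text-argument: " + text)
    return findings

# Constructed sample data with a harmless payload.
PAYLOAD = base64.b64encode(b"echo constructed-sample-payload").decode()
SAMPLES = [
    f'bash -c "echo {PAYLOAD} | base64 -d | sh"',
    f"python3 -c \"import base64;exec(base64.b64decode('{PAYLOAD}'))\"",
    "base64 -d /tmp/report.b64 > /tmp/report.pdf",  # benign file decode
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(inspect(line) or "clean", "<-", line)
```

The second sample shows why the decoded-argument check matters: no decoder binary or pipe appears, so the pipe pattern alone misses it. Payloads delivered through a file or an environment variable never appear on the command line and need file or script-content telemetry instead.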