Title Get ability to find process by executable hash
ID RA1404
Description Make sure you have the ability to find process executed at a particular time in the past by its executable hash
Author your name/nickname/twitter
Creation Date YYYY/MM/DD
Category Process
Stage RS0001: Preparation
References
Requirements
  • DN_zeek_conn_log

Workflow

Description of the workflow for single Response Action in markdown format.
Here newlines will be saved.