Has anyone else noticed that when you use Threat Search and look for Powershell commands executed on end points, it is not reporting all of them?
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
Guest User!
You are not Sophos Staff.
Has anyone else noticed that when you use Threat Search and look for Powershell commands executed on end points, it is not reporting all of them?
Hi Lisa Busby
Under threat searches, you can search for SHA-256 file hashes, file names, IP addresses or domains (either complete or partial), or command lines. Would you please provide more details about the executed powershell command that are not reported?
Shweta
