Rich Rumble richrumble
FireEye Sunburst KQL Detections

FireEye released a very interesting article regarding a third-party compromise of SolarWinds. The detections that are possible in Defender for Endpoint are listed below.

Blog post

All FireEye detections

DeviceEvents