Detection Engineering
Detecting BYOVD Attacks
How to detect BYOVD (bring-your-own-vulnerable-driver) attacks — the driver-load and service-creation signals, a Sigma rule, the LOLDrivers list, and HVCI hardening.
1 article