#edr-evasion

1 article

Detection Engineering

Detecting BYOVD Attacks

How to detect BYOVD (bring-your-own-vulnerable-driver) attacks — the driver-load and service-creation signals, a Sigma rule, the LOLDrivers list, and HVCI hardening.

5 min read