LetsDefend Monitoring Alert
Scheduled Task Created
May, 15, 2023, 10:02 AM
Event ID: 147
Event Time: May, 15, 2023, 10:02 AM
Rule Name: SOC197 - Scheduled Task Created
Alert Type: Persistence
MITRE Technique:
T1566 - Initial Access - Phishing,
T1071 - Command and Control - Application Layer Protocol,
T1053 - Persistence - Scheduled Task/Job,
Severity: High
Incident Responder