Detection rules › Sigma
Windows Defender Threat Detected
Detects actions taken by Windows Defender malware detection engines
MITRE ATT&CK coverage
| Tactic | Techniques |
|---|---|
| Execution | T1059 Command and Scripting Interpreter |
Event coverage
| Provider | Event ID | Title |
|---|---|---|
| Windows-Defender | 1006 | |
| Windows-Defender | 1015 | |
| Windows-Defender | 1116 | |
| Windows-Defender | 1117 |