New custom detection filters for Microsoft logs | Trend Micro Service Central

web

You’re offline. This is a read only version of the page.

Views:

June 5, 2025—Trend Vision One supports new custom detection filters for Microsoft.

Try these detection filters to enhance Microsoft log analysis:

Possible theft of passwords and other sensitive web browser information
Backdoor Detected
Backdoor Prevented
BloodHound Process Detection
CertUtil Remote Download
Hacktool Detected
Hacktool Prevented
Malware Detected
Ransomware Prevented
Remote exfiltration activity
Suspicious Hacking Tool Detected
Unwanted Software Prevented
Unwanted Software Detected
Wevtutil Clear Windows Event Logs
Windows Network Sniffing
AMSI Script Detection
Possible ongoing hands-on-keyboard activity (Cobalt Strike)

Download these custom detection filters from GitHub. For more information see Custom filters.

XDR Threat Investigation → Detection Model Management

Table of Contents

< Back to What’s New

Home / XDR and Management Platforms / Trend Vision One /

Title

Content

The page you're looking for can't be found or is under maintenance

Try again later or go back to the previous page

Was this article helpful?