CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

crowdstrike edr seems really, really deeply paranoid about literally any process besides PID 4 ever touching lsass

3 Posts 2 Posters 6 Views

B This user is from outside of this forum
B This user is from outside of this forum
burritosec@infosec.exchange

wrote last edited by

#1

crowdstrike edr seems really, really deeply paranoid about literally any process besides PID 4 ever touching lsass
D 1 Reply Last reply

0
B burritosec@infosec.exchange

crowdstrike edr seems really, really deeply paranoid about literally any process besides PID 4 ever touching lsass
D This user is from outside of this forum
D This user is from outside of this forum
de3ev@infosec.exchange

wrote last edited by

#2

@burritosec i agree lol
B 1 Reply Last reply

0
D de3ev@infosec.exchange

@burritosec i agree lol
B This user is from outside of this forum
B This user is from outside of this forum
burritosec@infosec.exchange

wrote last edited by

#3

@de3ev which is, in an ideal world, decently justified! processes other than PID 4 really shouldn't do that.
windows software development is unfortunately a chaos-ridden landscape of hacky solutions and half-solved problems
1 Reply Last reply
1
0
R relay@relay.infosec.exchange shared this topic

Log in to reply