Registry_access_detected_Carbon Black_CB Defense

Alert

Registry access detected

SK4 unified event:
Connector/Service

Carbon Black/CB Defense

SK4 Version:

2.3.180

Created Date:

Sun Mar 17 2019 10:50:28 GMT+0000 (Coordinated Universal Time)

Last Update:

Mon May 27 2019 13:36:38 GMT+0000 (Coordinated Universal Time)

Category

Security Alert

Description

An application has accessed the Registry in order to create/update value/s.

Search query

cef_vendor="skyformation" cef_name="security-threat-detected" destinationServiceName="Carbon Black" fileType="application" act="update"

Parsed CEF
Unparsed raw data

Expand to see an example...

Audit sources