|
|
@@ -5,10 +5,10 @@
|
|
|
|
|
|
beta::[]
|
|
|
|
|
|
-This example tutorial shows you how you can use EQL to detect security threats
|
|
|
-and other suspicious behavior. In the scenario, you're tasked with detecting
|
|
|
-https://attack.mitre.org/techniques/T1218/010/[regsvr32 misuse] in Windows
|
|
|
-event logs.
|
|
|
+This example tutorial shows how you can use EQL to detect security threats and
|
|
|
+other suspicious behavior. In the scenario, you're tasked with detecting
|
|
|
+https://attack.mitre.org/techniques/T1218/010/[regsvr32 misuse] in Windows event
|
|
|
+logs.
|
|
|
|
|
|
`regsvr32.exe` is a built-in command-line utility used to register `.dll`
|
|
|
libraries in Windows. As a native tool, `regsvr32.exe` has a trusted status in
|
James Rodewig