I came up with a pretty simple KQL query to help with LockBit detection. This is based off the latest info from a SentinelOne blog post. Feel free to share, and if you have suggestions to make it better, feel free to let me know.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.