Access to stored credentials
The aim of this test is to verify that your Security Operations Center (SOC) can effectively detect the “cmdkey /list” command execution. This command is used on Windows systems to list stored credentials and could be exploited by malicious actors to gather sensitive information. Detecting this command allows your SOC to respond promptly to suspicious […]
