Palo Alto Networks

Global Analytics

A Deep Dive Into Malicious Direct Syscall Detection

In this blog post we will explain how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls. Then, we will dive into different attack techniques threat actors use to stay hidden from those EDR solutions, including the use of direct syscalls.

Must-Read Articles

Non classifié(e)

Product Features

Feb 13, 2024

By Or Chechik and Ofir Ozer

Palo Alto Networks

Products and Services

Partners

Must-Read Articles, Product Features

How Cortex XDR Global Analytics Protects Against Supply Chain Attacks

In today’s world, no company develops everything by itself. No matter which industry vertical we look at - from financial institutions, government, oi...

May 23, 2022

By Erez Levy

Must-Read Articles, News and Events, Product Features

Cortex XDR 3.3: Redefining SecOps with Global Analytics & Event Forwar...

Outpacing adversaries requires constant innovation. If we, as defenders, stand still, we invite threat actors to develop techniques to bypass our defe...

May 16, 2022

By Kasey Cross