Contents x
    Adapter Detection & Response Rules
    • 21 Oct 2023
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Contents

    Adapter Detection & Response Rules

    • Updated on 21 Oct 2023
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Article summary

    Similar to EDR telemetry, data received via Adapters are observable via Detection & Response rules. D&R rules that action on Adapter-based data are written the same way, with event and operator qualifiers and response actions based on successful detections.

    Depending on the type of adapter, you can reference adapter data directly via the platform sensor selector (e.g. aws, msdefender, crowdstrike, etc.)

    Was this article helpful?
    What's Next