No. If an EDR relies on userland mechanisms to monitor, these userland mechanism... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

lucasRW 5 months ago | parent | context | favorite | on: CrowdStrike Update: Windows Bluescreen and Boot Lo...

No. If an EDR relies on userland mechanisms to monitor, these userland mechanisms can easily be removed by the malicious process too.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact