Deprecated Detections
| Name | Data Source | Technique | Type | Analytic Story | Date |
|---|---|---|---|---|---|
| Linux apt-get Privilege Escalation | Cisco Isovalent Process Exec, Sysmon for Linux EventID 1 | Sudo and Sudo Caching | Anomaly | Cisco Isovalent Suspicious Activity, Linux Living Off The Land, Linux Privilege Escalation | 2026-02-10 |