From 84fc0d80cdd9d2b8ae4f5797150669383db27694 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team doc generator <email>
Date: Fri, 22 Jun 2018 10:25:32 +0000
Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs
 branch=master

---
 atomics/T1063/T1063.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/atomics/T1063/T1063.md b/atomics/T1063/T1063.md
index d0cdc619..3b107073 100644
--- a/atomics/T1063/T1063.md
+++ b/atomics/T1063/T1063.md
@@ -41,9 +41,10 @@ Methods to identify Security Software on an endpoint
 ```
 netsh.exe advfirewall firewall show all profiles
 tasklist.exe
-tasklist.exe | findstr virus
-tasklist.exe | findstr cb
-tasklist.exe | findstr defender
+tasklist.exe | findstr /i virus
+tasklist.exe | findstr /i cb
+tasklist.exe | findstr /i defender
+tasklist.exe | findstr /i cylance
 ```
 <br/>
 <br/>
@@ -59,6 +60,7 @@ Methods to identify Security Software on an endpoint
 powershell.exe get-process | ?{$_.Description -like "*virus*"}
 powershell.exe get-process | ?{$_.Description -like "*carbonblack*"}
 powershell.exe get-process | ?{$_.Description -like "*defender*"}
+powershell.exe get-process | ?{$_.Description -like "*cylance*"}
 ```
 <br/>
 <br/>