Update file_event_win_susp_vscode_powershell_profile.yml

2022-08-24 12:29:54 +01:00
parent 918cf94c1b
commit be2ec96dc2
1 changed files with 1 additions and 1 deletions
@@ -3,7 +3,7 @@ id: 3a9fa2ec-30bc-4ebd-b49e-7c9cff225502
 related:
    - id: b5b78988-486d-4a80-b991-930eff3ff8bf
      type: similar
-status: test
+status: experimental
 description: Detects the creation or modification of a vscode related powershell profile which could indicate suspicious activity as the profile can be used as a mean of persistence
 author: Nasreddine Bencherchali
 references: