Product

Apache

1 brief RSS

Unusual Command Execution from Web Server Parent Process on Linux

This rule detects potential command execution from a web server parent process on a Linux host, indicating a possible web shell attack where adversaries exploit web server vulnerabilities to execute arbitrary commands.

Elastic Defend +2 web-shell command-execution persistence linux

2r 3t 1h ago