Product
This detection identifies delete events on CrowdStrike registry keys, which typically occur during agent uninstallation, so any unplanned or unexpected removal of these keys should be investigated for malicious activity such as defense evasion or exploits like CVE-2022-44721.