Product
This rule detects the creation of scheduled tasks in Windows using event logs, which adversaries may use for persistence, lateral movement, or privilege escalation by creating malicious tasks.