Product
This brief covers the detection of suspicious command execution, specifically Cmd.exe or PowerShell.exe, as child processes of legitimate SolarWinds executables, indicative of potential supply chain compromise and unauthorized command execution on Windows systems.