Tag
This rule detects potential credential access attempts on Linux systems by monitoring access to sensitive files commonly containing credentials or configuration information.