investigating child parent relations
Unresolved
In TryHackMe I was doing the SOC sim. It was mainly about phishing, but there were a lot of alerts relating to "Suspicious child parent processes". Really the only info that is given is through Splunk (parent PID, child PID, executing directory, etc.) and I have trouble navigating how to determine if it's a false positive or true.
