Skip to content

Commit d14ba3d

Browse files
TimBFTimBF
committed
Merge branch 'master' into extend_nonce_configurations
2 parents 10ef8b3 + d32302a commit d14ba3d

File tree

1 file changed

+5
-0
lines changed
  • client/command/processes

1 file changed

+5
-0
lines changed

client/command/processes/ps.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -100,6 +100,11 @@ var knownSecurityTools = map[string][]string{
100100
"CrAmTray.exe": {console.Red, "Cybereason ActiveProbe"}, // Cybereason ActiveProbe
101101
"CrsSvc.exe": {console.Red, "Cybereason ActiveProbe"}, // Cybereason ActiveProbe
102102
"CybereasonAV.exe": {console.Red, "Cybereason ActiveProbe"}, // Cybereason ActiveProbe
103+
"cortex-xdr-payload.exe": {console.Red, "Palo Alto Cortex"}, // Cortex XDR - offline triage
104+
"cysandbox.exe": {console.Red, "Palo Alto Cortex"}, // Cortex XDR - sandbox
105+
"cyuserservice.exe": {console.Red, "Palo Alto Cortex"}, // Cortex XDR - user service
106+
"cywscsvc.exe": {console.Red, "Palo Alto Cortex"}, // Cortex XDR - security center service
107+
"tlaworker.exe": {console.Red, "Palo Alto Cortex"}, // Cortex XDR - local analysis worker
103108
}
104109

105110
// PsCmd - List processes on the remote system

0 commit comments

Comments
 (0)