Does voodooshield monitor parent-child process relationships?
I’m interested eg in a post exploit situation where Firefox has been compromised, can it detect & block a compromised Firefox from eg running cmd or rundll32 ( or any other lolbin ) ? - without entirely blocking cmd.exe ofc , just based on parent-child relationships
I’m interested eg in a post exploit situation where Firefox has been compromised, can it detect & block a compromised Firefox from eg running cmd or rundll32 ( or any other lolbin ) ? - without entirely blocking cmd.exe ofc , just based on parent-child relationships