Details
Content
Dependencies
Version History

The Windows Antimalware Scan Interface (AMSI) is a security feature in Windows OSs that allows services to scan for files, memory and other data for threats.

Microsoft Windows AMSI

This pack includes Cortex XSIAM content.

This pack requires an XDR Agent to be installed on the relevant endpoints.

Where Can I install the Cortex XDR Agent?
Creating an Agent Installation Package

Name	Description
Microsoft Windows AMSI Security Modeling Rule

Name	Description
Microsoft Windows AMSI Parsing Rule

PUBLISHER

Cortex

PLATFORMS

Cortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	August 10, 2023
Last Release	August 31, 2023

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.

Microsoft Windows AMSI

Microsoft Windows AMSI

Modeling Rules

Microsoft Windows AMSI Security Modeling Rule

PUBLISHER

PLATFORMS

INFO

DISCLAIMER