The Jigsaw FirstWatch sensor has been successfully implemented in over 20 businesses in the last year. Based on our data and request from customers we have been working on some improved detection methods for the sensor platform. Today Jigsaw Security released two new modules with the first being a PowerShell library to detect bad activity and a new Malicious strings library to detect malicious activity and lateral movement on networks. The libraries are a set of instructions for the sensor that tell the engine what to look for and how to respond if a particular string is detected on a network.
To view the new information, subscribers can view event 29094 and 29095 that was published in our Threat Intelligence library earlier today. These events show you the detail on what is detected and how the sensor will respond if malicious activity is detected.