Detections
Analytics
Query Registry
Description
Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | SMB | Services Registry ACL | Plugin ID: 160576 |
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | SMB | Auto login | Plugin ID: 10412 |
References
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Discovery
Technique: Query Registry
Platform: Windows
Products Required: Tenable Vulnerability Management
Tenable Release Date: 2022 Q2