Home QuickSecure Docs Security Checks

Security Checks Reference

Complete list of 150+ security controls monitored by QuickSecure

150+
Security Checks
25+
MITRE Techniques
3
Platforms
7.5K+
Detection Patterns

Windows Security Checks

Persistence Mechanisms

CheckDescriptionMITRE ATT&CKSeverity
WIN-PERS-001Registry Run/RunOnce keys modificationT1547.001High
WIN-PERS-002Scheduled Tasks creation/modificationT1053.005High
WIN-PERS-003Windows Service installationT1543.003High
WIN-PERS-004Startup folder modificationT1547.001Medium
WIN-PERS-005WMI event subscriptionT1546.003High
WIN-PERS-006DLL Search Order HijackingT1574.001Critical

Defense Evasion

CheckDescriptionMITRE ATT&CKSeverity
WIN-DEF-001Windows Defender exclusions modifiedT1562.001Critical
WIN-DEF-002Real-time protection disabledT1562.001Critical
WIN-DEF-003Event log cleared/disabledT1070.001High
WIN-DEF-004AMSI bypass attemptT1562.001Critical
WIN-DEF-005Process hollowing detectedT1055.012Critical

Credential Access

CheckDescriptionMITRE ATT&CKSeverity
WIN-CRED-001LSASS memory access attemptT1003.001Critical
WIN-CRED-002SAM database accessT1003.002Critical
WIN-CRED-003Browser password extractionT1555.003High
WIN-CRED-004Mimikatz signature detectedT1003Critical

Linux Security Checks

Persistence

CheckDescriptionMITRE ATT&CKSeverity
LNX-PERS-001Cron job modificationT1053.003High
LNX-PERS-002Systemd service installationT1543.002High
LNX-PERS-003SSH authorized_keys modifiedT1098.004High
LNX-PERS-004LD_PRELOAD hijackingT1574.006Critical
LNX-PERS-005Bashrc/profile backdoorT1546.004High

Privilege Escalation

CheckDescriptionMITRE ATT&CKSeverity
LNX-PRIV-001SUID/SGID binary abuseT1548.001High
LNX-PRIV-002Sudo misconfiguration exploitT1548.003Critical
LNX-PRIV-003Kernel exploit attemptT1068Critical

Supply Chain Checks

Package Security

CheckDescriptionMITRE ATT&CKSeverity
SC-001Malicious npm postinstall scriptT1195.001Critical
SC-002Compromised package detectedT1195.002Critical
SC-003GitHub credential theft attemptT1552.001Critical
SC-004Typosquatting package installedT1195.001High