v1.0.51

Enterprise Security Content Updates v 1.0.51 was released on March 2, 2020. It includes the following enhancements:

New Analytic Story:

• Container Implantation Monitoring & Investigation

Fixed issues:

• Updated "Credential Dumping" story with new detection - "Dump LSASS via comsvcs DLL"
• Update to "Access LSASS Memory for Dump Creation"

Full documentation: https://docs.splunk.com/Documentation/ESSOC/1.0.51