Mechanisms that allow inter-process communication locally or over the network. A named pipe is usually found as a file and processes attach to it[1]
Contextual data about a named pipe on a system, including pipe name and creating process (ex: Sysmon EIDs 17-18)
Contextual data about a named pipe on a system, including pipe name and creating process (ex: Sysmon EIDs 17-18)
| Domain | ID | Name | Detects | |
|---|---|---|---|---|
| Enterprise | T1570 | Lateral Tool Transfer |
Monitor for contextual data about named pipes on the system. |
|