Enterprise Security Content Updates v1.0.51 was released on March 2, 2020. It includes the following enhancements:
New Analytic Story:
- Container Implantation Monitoring & Investigation
Fixed issues:
- Updated the "Credential Dumping" story with a new detection: "Dump LSASS via comsvcs DLL"
- Updated "Access LSASS Memory for Dump Creation"
Full documentation: https://docs.splunk.com/Documentation/ESSOC/1.0.51