Detecting Application Shimming: A Story About Continuous Improvement

A long time ago, in a land far away, there lived a shim detector. The shim detector monitored data coming from Endpoint Detection and Response (EDR) platforms, watching for modifications to certain registry paths. It did its job well, but unfortunately it made so much noise that analysts didn’t want to listen to what it […]