ms-incident-response
Pass
Audited by Socket on Mar 30, 2026
Checks
Malicious behaviorInjection, exfiltration, untrusted installs
Security concernsCredential exposure, tool/trust exploitation
Code obfuscationHidden or obfuscated code
Suspicious patternsReconnaissance, excessive autonomy, resource use
Audit Metadata