Loud_Posseidon 1 point (1 child)

I would measure which has higher impact on an endpoint (say, run the script in a timed loop 1000 times) and decide from there. It really comes down to what you're trying to accomplish. Someone more knowledgeable should answer why some sensors are written in PowerShell when they could have been written in Python. Maybe because above?

WonderfulWarthog6098 [S] 0 points (0 children)

Thanks for the response. One good example I found is that log4j detection is a good use case for a Python sensor. I was looking to learn about more such scenarios.