Publicly-reported instances of Direct Syscalls bypassing endpoint security products. Maintained on the same basis for every technique in the Index.
| Product | Entries | High-confidence | Most recent |
|---|---|---|---|
| Microsoft | 2 | 1 | 2026-05-04 |
| Bitdefender | 1 | 0 | 2024-05-08 |
| Sophos | 1 | 1 | 2024-07-24 |
| Product | Confidence | Disclosed | Source | |
|---|---|---|---|---|
| Microsoft | high | 2026-05-04 | hackers-arise.com | record → |
| Sophos | high | 2024-07-24 | github.com | record → |
| Bitdefender | medium | 2024-05-08 | github.com | record → |
| Microsoft | medium | 2024-05-08 | github.com | record → |
Counts reflect distinct publicly-reported events on record; absence of an entry means no confirmed public report is on file.