Publicly-reported techniques recorded as bypassing Elastic. Each entry is sourced to its original disclosure. This is a factual tally, maintained on the same basis for every vendor in the Index.
| Technique | Entries | High-confidence | Most recent |
|---|---|---|---|
| BYOVD (Vulnerable Driver) | 3 | 2 | 2025-11-21 |
| Exploitation for Priv-Esc | 2 | 2 | 2026-05-28 |
| Tamper-Protection Bypass | 2 | 1 | 2025-06-12 |
| EDR Unhooking | 1 | 1 | 2025-11-06 |
| Obfuscation / Packing | 1 | 0 | 2026-04-20 |
| Rootkit | 1 | 1 | 2025-10-31 |
| Technique | Confidence | Disclosed | Source | |
|---|---|---|---|---|
| Exploitation for Priv-Esc | high | 2026-05-28 | nvd.nist.gov | record → |
| Obfuscation / Packing | medium | 2026-04-20 | github.com | record → |
| Exploitation for Priv-Esc | high | 2026-03-18 | www.tenable.com | record → |
| BYOVD (Vulnerable Driver) | high | 2025-11-21 | ashes-cybersecurity.com | record → |
| EDR Unhooking | high | 2025-11-06 | radar.offseq.com | record → |
| Rootkit | high | 2025-10-31 | cyberpress.org | record → |
| BYOVD (Vulnerable Driver) | medium | 2025-08-16 | cybersecuritynews.com | record → |
| Tamper-Protection Bypass | medium | 2025-06-12 | github.com | record → |
| BYOVD (Vulnerable Driver) | high | 2024-06-27 | infosecwriteups.com | record → |
| Tamper-Protection Bypass | high | 2024-02-29 | github.com | record → |
Counts reflect distinct publicly-reported events on record; absence of an entry means no confirmed public report is on file, not that a product is unaffected.