The Power of Sequel Light

Sackals allow you to say for this specific secureable object or resource file service uh name pipe process whatever it may be i want to know if a certain action is taken against it. It's extremely granular right so you could like get down into this idea of like the very specific file like the sequel light database that you're talking about and you can choose the type of access that somebody wants. The detection primitives are really robust and i look at a tool like seat belt and it does a ton of WMI enumeration registry key enumeration  and those are great objects to put these cycles on.