RATs Race: Detecting remote access tools beyond pattern-based indicators

This post highlights the importance of rich telemetry and how it strengthens alert signals when static patterns are coupled with behavioral and anomaly-based indicators to detect RAT and RMM tools.

TL;DR: for practical detection engineering, skip to "Tracking Patterns".

