I am a registered user for Rider and was recently contacted by my cyber security department on a command that was executed while using Rider on my machine. I want to make sure that this is something that is normal and if possible, provide an explanation for my cyber security team on what the command does.
As to not include the entire command for security reasons, I am replacing a long string of text that looks like a cert with CERT_OMITTED. This is the command that was ran:
C:\WINDOWS\system32\cmd.exe" /c "pwsh -NoProfile -NonInteractive -EncodedCommand "CERT_OMITTED"
Here is some additional information if helpful for the hierarchy in which the command was executed: