
Summary
This detection rule identifies a Chromium-based browser (Chrome, Edge, Brave, Opera, or Vivaldi) being launched with an unusually small window: a width or height below 100 pixels, as expressed in Chromium's --window-size=width,height command-line switch. A window that small is effectively invisible, which is atypical for interactive use and may indicate malware or a script driving the browser without the user seeing it, for example to fetch content through a trusted, normally visible process while evading controls that assume a user is at the keyboard. The rule consumes process-creation telemetry from Sysmon EventID 1 and Windows Security EventID 4688 (note that 4688 only carries the command line when the "Include command line in process creation events" audit policy is enabled) and raises an alert for analyst investigation. Because automation frameworks such as Selenium, Puppeteer, and Playwright, as well as kiosk deployments, also set --window-size, hits should be triaged on the parent process and the URL or flags in the command line rather than treated as confirmed malicious; the rule can also contribute to risk-based alerting alongside other analytics and threat intelligence.
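As an added illustration of the rule's logic (written for this page, not the page's own search or any vendor's code), the following Python applies the check to a handful of constructed process-creation records. It assumes the window size appears as Chromium's --window-size=WIDTH,HEIGHT switch in the command line, which is the only place a Sysmon EventID 1 or Security 4688 record can expose it; the browser paths, parent processes, and URLs in the sample events are made up for the example.

```python
import ntpath
import re
from dataclasses import dataclass

# Process names of the Chromium-based browsers the rule covers.
CHROMIUM_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "opera.exe", "vivaldi.exe"}
MIN_DIMENSION_PX = 100

# Chromium takes the size as --window-size=WIDTH,HEIGHT. The pattern tolerates an
# opening quote in front of the switch and whitespace around the comma.
WINDOW_SIZE_RE = re.compile(r'--window-size=["\']?\s*(-?\d+)\s*,\s*(-?\d+)', re.IGNORECASE)


@dataclass
class ProcessEvent:
    """Normalised process-creation event (Sysmon EventID 1 or Security 4688)."""
    source: str
    image: str
    command_line: str
    parent_image: str = ""


def is_chromium(image: str) -> bool:
    """True if the image path ends in one of the covered browser executables."""
    return ntpath.basename(image).lower() in CHROMIUM_IMAGES


def parse_window_size(command_line: str):
    """Return (width, height) from a --window-size switch, or None if it is absent."""
    m = WINDOW_SIZE_RE.search(command_line)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def is_tiny_window(command_line: str) -> bool:
    """True when either dimension is below the 100 px threshold."""
    size = parse_window_size(command_line)
    return size is not None and (size[0] < MIN_DIMENSION_PX or size[1] < MIN_DIMENSION_PX)


def detect(events):
    """Apply the rule to a list of ProcessEvent and return one alert dict per hit."""
    alerts = []
    for ev in events:
        if not is_chromium(ev.image) or not is_tiny_window(ev.command_line):
            continue
        width, height = parse_window_size(ev.command_line)
        alerts.append({
            "source": ev.source,
            "image": ntpath.basename(ev.image).lower(),
            # Parent image is what an analyst pivots on during triage.
            "parent_image": ntpath.basename(ev.parent_image).lower(),
            "width": width,
            "height": height,
            "command_line": ev.command_line,
        })
    return alerts


# Constructed sample events (hypothetical paths, parents and URLs).
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
EDGE = r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
BRAVE = r"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe"
NOTEPAD = r"C:\Windows\System32\notepad.exe"
EXPLORER = r"C:\Windows\explorer.exe"
POWERSHELL = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
WSCRIPT = r"C:\Windows\System32\wscript.exe"
CMD = r"C:\Windows\System32\cmd.exe"

SAMPLE_EVENTS = [
    # Ordinary interactive launches: no size, or a normal size.
    ProcessEvent("sysmon:1", CHROME, f'"{CHROME}" --profile-directory=Default', EXPLORER),
    ProcessEvent("sysmon:1", CHROME, f'"{CHROME}" --window-size=1280,800 https://example.com', EXPLORER),
    # Script-spawned browser with a 1x1 window: should alert.
    ProcessEvent("sysmon:1", CHROME, f'"{CHROME}" --window-size=1,1 --no-first-run http://127.0.0.1:8080/', POWERSHELL),
    # Only the width is tiny, from a 4688 record: should still alert.
    ProcessEvent("security:4688", EDGE, f'"{EDGE}" --headless --window-size=50,900 about:blank', WSCRIPT),
    # Not a Chromium image: ignored even though the switch is present.
    ProcessEvent("security:4688", NOTEPAD, "notepad.exe --window-size=1,1", EXPLORER),
    # Quoted switch with a zero-size window: should alert.
    ProcessEvent("sysmon:1", BRAVE, f'"{BRAVE}" "--window-size=0,0" --app=https://example.net', CMD),
]


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(f"[{alert['source']}] {alert['parent_image']} -> {alert['image']} "
              f"{alert['width']}x{alert['height']}: {alert['command_line']}")
```

Of the six constructed events, the three whose image is a covered browser and whose width or height is under 100 pixels are returned; the notepad.exe line is dropped because the image is not a Chromium browser, and the 1280x800 launch is dropped because both dimensions clear the threshold. In a production search the parent image and the URL in the command line are the fields to pivot on, since test automation and kiosk launchers produce the same switch.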
Categories
- Endpoint
Data Sources
- Windows Registry
- Process
- Application Log
ATT&CK Techniques
- T1497
Created: 2026-01-23