
Summary
The 'Suspicious MSDT Parent Process' detection rule targets the misuse of msdt.exe (Microsoft Support Diagnostic Tool) in scenarios where it is executed by potentially malicious or suspicious parent processes, specifically in the context of CVE-2022-30190, also known as the Follina vulnerability. This vulnerability has been exploited by adversaries to execute commands or deploy malware through a crafted document. The detection leverages process creation events generated within a Windows environment, focusing on specific parent processes that are often associated with evasion techniques. The rule fires when msdt.exe is spawned by processes such as cmd.exe, powershell.exe, or wscript.exe, which are commonly used in malicious scripts. It is classified as high severity because of the potential impact of successful exploitation and the increasing prevalence of attacks using this technique.
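As an added illustration, not part of the rule's own definition or any vendor's detection engine, the parent/child matching logic described above applied to a handful of constructed process-creation events. Field names follow Sysmon Event ID 1 conventions (Image, ParentImage) and the sample paths are assumed; the comparison is on the file name only, case-insensitively, so a parent launched from a non-standard path or written in a different case is still caught, while a user-launched troubleshooter under explorer.exe is not.

```python
"""Match process-creation events against the 'Suspicious MSDT Parent Process' logic."""
import ntpath

# Parent process names called out on the page; matched case-insensitively by file name.
SUSPICIOUS_PARENTS = {"cmd.exe", "powershell.exe", "wscript.exe"}
TARGET_IMAGE = "msdt.exe"

# Constructed sample events in Sysmon Event ID 1 style; not real telemetry.
SAMPLE_EVENTS = [
    {"ProcessId": 4120, "Image": r"C:\Windows\System32\msdt.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    # Mixed case and the full PowerShell path: must still match.
    {"ProcessId": 4188, "Image": r"C:\WINDOWS\SYSTEM32\MSDT.EXE",
     "ParentImage": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    # Benign: a user opening a troubleshooter from the shell.
    {"ProcessId": 4210, "Image": r"C:\Windows\System32\msdt.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"ProcessId": 4301, "Image": r"C:\Windows\System32\msdt.exe",
     "ParentImage": r"C:\Windows\System32\wscript.exe"},
    # Benign: cmd.exe spawning something other than msdt.exe.
    {"ProcessId": 4355, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
]


def _basename(path: str) -> str:
    """File name component of a Windows path, lower-cased for comparison."""
    return ntpath.basename(path).lower()


def is_suspicious_msdt_parent(event: dict) -> bool:
    """True when msdt.exe is the child and the parent is one of the listed launchers."""
    image = _basename(event.get("Image", ""))
    parent = _basename(event.get("ParentImage", ""))
    return image == TARGET_IMAGE and parent in SUSPICIOUS_PARENTS


def match_events(events: list) -> list:
    """Return the events that the rule would flag, in input order."""
    return [e for e in events if is_suspicious_msdt_parent(e)]


if __name__ == "__main__":
    for hit in match_events(SAMPLE_EVENTS):
        print(f"ALERT pid={hit['ProcessId']} parent={_basename(hit['ParentImage'])}")
```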
Categories
- Windows
- Endpoint
Data Sources
- Process
Created: 2022-06-01