def rule(event):
    if all(
        [
            "System.Net.Security.SslStream" in event.deep_get("ScriptBlockText", default=""),
            "Net.Security.RemoteCertificateValidationCallback"
            in event.deep_get("ScriptBlockText", default=""),
            ".AuthenticateAsClient" in event.deep_get("ScriptBlockText", default=""),
        ]
    ):
        return True
    return False
