Update sysmon_dns_over_https_enabled.yml

2021-07-22 11:05:31 -05:00
parent c7685e1c18
commit edf1740ec4
1 changed files with 2 additions and 2 deletions
@@ -17,11 +17,11 @@ detection:
    selection1:
        TargetObject:
            - 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\BuiltInDnsClientEnabled'
-		Details: 'DWORD (1)'
+	Details: 'DWORD (1)'
    selection2:
        TargetObject:
            - 'HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\DnsOverHttpsMode'
-		Details: 'DWORD (secure)'
+	Details: 'DWORD (secure)'
    condition: selection1 or selection2
 falsepositives:
 - "Unlikely"