 Florian Roth
|
921d46ca79
|
fix: FPs noticed with Aurora
|
2022-02-21 18:43:18 +01:00 |
|
|
phantinuss
|
43bae23f23
|
fix: several FPs against a fresh installed Windows with example applications and basic user interaction
|
2022-02-09 17:47:22 +01:00 |
|
|
Florian Roth
|
20a7bad5d8
|
Merge branch 'aurora-false-positive-fixing' of https://github.com/SigmaHQ/sigma into aurora-false-positive-fixing
|
2022-02-02 20:40:21 +01:00 |
|
|
Florian Roth
|
885651efae
|
fix: FPs noticed with Aurora
|
2022-02-02 20:39:47 +01:00 |
|
|
phantinuss
|
2d36c6222d
|
fix: FPs found in prod environment
|
2022-02-02 11:03:19 +01:00 |
|
|
frack113
|
4631d0c482
|
remove invalid tag
|
2022-01-19 18:23:30 +01:00 |
|
|
Tim Shelton
|
c20a6daa73
|
adding wildcard to netlogon to be a bit more inclusive.
|
2021-11-29 19:59:26 +00:00 |
|
|
frack113
|
01dc930c17
|
Change status for old rules
|
2021-11-27 11:33:14 +01:00 |
|
|
Jonhnathan
|
bc1efd9843
|
Update sysmon_logon_scripts_userinitmprlogonscript_proc.yml
|
2020-10-15 17:23:44 -03:00 |
|
|
Alexey Lednyov
|
880b10cce1
|
att&ck tags review: windows/process_creation part 1, network
|
2020-08-27 20:43:47 +03:00 |
|
|
Florian Roth
|
9c0f9f398f
|
refactor: sysmon rule cleanup > generlization
|
2020-07-01 10:58:39 +02:00 |
|