Matt Anderson 30aebbb65c Merge PR #5834 from @MATTANDERS0N - Add Devcon and KDU Execution Rules ...

new: PUA - Kernel Driver Utility (KDU) Execution
new: Devcon Execution Disabling VMware VMCI Device

---------

Co-authored-by: Swachchhanda Shrawan Poudel <87493836+swachchhanda000@users.noreply.github.com>
Co-authored-by: Nasreddine Bencherchali <monsteroffire2@gmail.com>

2026-01-24 12:36:29 +01:00

..

file/file_event

Merge PR #5775 from @swachchhanda000 - Restructure regression testing data directory

2025-11-26 11:08:11 +01:00

image_load

Merge PR #5777 from @swachchhanda000 - feat: more edrfreeze rules

2025-12-10 15:29:38 +01:00

process_access

Merge PR #5777 from @swachchhanda000 - feat: more edrfreeze rules

2025-12-10 15:29:38 +01:00

process_creation

Merge PR #5834 from @MATTANDERS0N - Add Devcon and KDU Execution Rules

2026-01-24 12:36:29 +01:00

registry

Merge PR #5775 from @swachchhanda000 - Restructure regression testing data directory

2025-11-26 11:08:11 +01:00

sysmon/sysmon_config_modification

Merge PR #5775 from @swachchhanda000 - Restructure regression testing data directory

2025-11-26 11:08:11 +01:00