frack113 c64ece9f68 More generic

2022-06-29 19:33:50 +02:00

..

builtin

fix: technically filter THOR checking for BlueKeep vuln

2022-06-29 17:07:04 +02:00

create_remote_thread

fix: FPs

2022-06-29 13:20:57 +02:00

create_stream_hash

refactor: rule level adjustments - critical to high

2022-06-18 17:43:22 +02:00

dns_query

rule cleanup and new rules

2022-06-27 16:35:22 +02:00

driver_load

refactor condition

2022-06-03 15:35:24 +02:00

file_access

fix: FPs

2022-06-29 13:20:57 +02:00

file_delete

Add "\" to "Image|endswith" modifier

2022-06-02 13:39:07 +01:00

file_event

Merge pull request #3173 from nasbench/master

2022-06-29 17:22:02 +02:00

file_rename

fix: casing of OriginalFileName

2022-06-08 17:14:49 +02:00

image_load

docs: rules adjusted

2022-06-21 17:21:55 +02:00

network_connection

Comparison conflict found between selection and filtere. In favor of selection

2022-06-27 21:03:36 +00:00

pipe_created

fix: FPs found in testing environment

2022-06-20 16:17:54 +02:00

powershell

Fix Error

2022-06-28 22:40:42 +01:00

process_access

Merge pull request #3167 from SigmaHQ/rule-devel

2022-06-28 17:25:03 +02:00

process_creation

Merge pull request #3173 from nasbench/master

2022-06-29 17:22:02 +02:00

raw_access_thread

…

registry

More generic

2022-06-29 19:33:50 +02:00

sysmon

…

wmi_event

refactor: rule adjustments based on hayabusa

2022-06-18 08:39:02 +02:00