blue-team-tools/rules/windows/builtin/windefend at fda9c753e2dcbefeebfdb1505428feeeb2d5fef1 - blue-team-tools - GreySec Git

security-tools/blue-team-tools

Files

T

History

phantinuss 112b715dd6 chore: test rules: reactivate single value list check

2022-05-10 17:13:04 +02:00

..

win_alert_lsass_access.yml

Merge branch 'aurora-false-positive-fixing' of https://github.com/SigmaHQ/sigma into aurora-false-positive-fixing

2022-02-09 18:18:59 +01:00

win_defender_amsi_trigger.yml

fix: unlikely --> Unlikely

2022-03-16 14:16:10 +01:00

win_defender_disabled.yml

fix: Rule Creating way too many FPs to be high

2022-05-06 15:56:08 +02:00

win_defender_exclusions.yml

fix: FPs found in prod environment

2022-02-02 11:03:19 +01:00

win_defender_history_delete.yml

move to builtin

2022-01-21 11:59:13 +01:00

win_defender_psexec_wmi_asr.yml

move to builtin

2022-01-21 11:59:13 +01:00

win_defender_tamper_protection_trigger.yml

chore: test rules: reactivate single value list check

2022-05-10 17:13:04 +02:00

win_defender_threat.yml

fix: unlikely --> Unlikely

2022-03-16 14:16:10 +01:00