Closed phantinuss closed 5 months ago
fix: add filter for automatic execution of a policy test for PowerShell AppLocker lockdown mode
fix: Windows Binaries Write Suspicious Extensions - filter PS1 policy check for AppLocker mode
Summary of the Pull Request
fix: add filter for automatic execution of a policy test for PowerShell AppLocker lockdown mode
Changelog
fix: Windows Binaries Write Suspicious Extensions - filter PS1 policy check for AppLocker mode
Example Log Event
Fixed Issues
SigmaHQ Rule Creation Conventions