Update registry_set_windows_defender_tamper.yml - Githubissues

SigmaHQ / sigma

Main Sigma Rule Repository

Other

8.41k stars 2.21k forks source link

Update registry_set_windows_defender_tamper.yml #5037

Closed MalGamy12 closed 1 month ago

MalGamy12 commented 1 month ago

Summary of the Pull Request

update target objects with a new value.

Changelog

update: Disable Windows Defender Functionalities Via Registry Keys - Remove \Real-Time Protection\ prefix to increase coverage.

Example Log Event

N/A

Fixed Issues

N/A

SigmaHQ Rule Creation Conventions

If your PR adds new rules, please consider following and applying these conventions