elastic / detection-rules

https://www.elastic.co/guide/en/security/current/detection-engine-overview.html

[Tuning] Microsoft Windows Defender Tampering #3840

Closed Samirbous closed 3 months ago

Samirbous commented 3 months ago

Excluding the top noisy source processes (svchost.exe, ccmexec.exe and a couple of others).