False Positives - Reducing benign events mistakenly identified as threats.
Description
Hello,
Rule is triggering also for process.name Veeam.VSS.Sharepoint2013.exe and Veeam.VSS.Sharepoint2019.exe that should be also excluded as the current code does for process Veeam.VSS.Sharepoint2010.exe
Link to Rule
https://github.com/elastic/detection-rules/blob/main/rules/windows/lateral_movement_execution_via_file_shares_sequence.toml
Rule Tuning Type
False Positives - Reducing benign events mistakenly identified as threats.
Description
Hello, Rule is triggering also for process.name Veeam.VSS.Sharepoint2013.exe and Veeam.VSS.Sharepoint2019.exe that should be also excluded as the current code does for process Veeam.VSS.Sharepoint2010.exe
Thank you
Example Data
No response