Closed clong closed 6 years ago
This PR Addresses the following issues:
Additional changes:
Sysmon-Operational
Sysmon
This PR Addresses the following issues:
1 - Add subscriptions for ADFS
2 - Add subscriptions for Duo
3 - Add subscriptions for Device Guard
5 - Add subscriptions for office alerts.
6 - Add WEF subscription for TPM-WMI
8 - Add WEF Subscriptions for Exploit Guard
11 - Don't hide Microsoft signed entries in AutorunsToWinEventLog
Additional changes:
Sysmon-Operationalhas been normalized toSysmonin the subscriptions and channels