socfortress / Wazuh-Rules

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
https://www.socfortress.co

Sysmon Config Used #19

Open PiRomant opened 11 months ago

PiRomant commented 11 months ago

https://github.com/socfortress/Wazuh-Rules/blob/c1f0e2047da2526b2ffe78c3e46b2a918d84f6c9/Windows_Sysmon/README.md?plain=1#L14

Why do you write that you use the SwiftOnSecurity/sysmon-config if all of your rules are mapped to the olafhartong/sysmon-modular config? SwiftOnSecurity's config has no rule names at all.