
Security channel-based detections

Open: JakePeralta7 opened this issue 1 year ago • 1 comment

Just a proof of concept for detecting some anomalies in event logs even if Sysmon is not deployed across the organization - but the audit policy is configured correctly.

JakePeralta7, Oct 07 '24 13:10

LOL, didn't pay attention to the level attribute. Fixed it.

JakePeralta7, Oct 10 '24 09:10