Nic

10 issues opened by Nic

I created a script to perform a variety of functions that match this feature request: https://github.com/olafhartong/sysmon-modular/issues/79 To use, simply: 1. Clone the sysmon-modular repo 2. Run this script 3. Provide answers...

The goal of this feature is to provide a way for an analyst to easily check their Sysmon rules against the latest MITRE ATT&CK Framework. Benefits: + Find valid and...

The goal of this feature is to include tactic name, tactic id, sub-technique name and sub-technique id to every single rule. Benefits: + Allow for checking Sysmon rules against the...

Any thoughts about a response action for responding to clients that reported an email to the security team? When a user successfully reports a malicious email, I believe it is...

From what I have observed, it seems that Winlogbeat is having intermittent issues trying to read the "Microsoft-Windows-Windows Defender/Operational" channel. I don't think this is a fault of Winlogbeat but...

Labels: bug, Winlogbeat, Team:Security-External Integrations

Is there a way to create custom arguments for the commands? For example, the custom command is hello but can accept the parameter world to generate hello world instead of...

Hello, I was wondering if it is possible to configure the autocomplete to also work on commands instead of paths. An example, a user typing ca and then using tab...

In regards to the NIST 800-53 Rev 5 catalog, it appears that there could be some inconsistencies with the spacing after the parameters that can be inserted when "and" is...

Labels: question

Would it be feasible to introduce the eBPF capability to Windows environments? Today this is done with certain versions of Linux and the capabilities are quite powerful. I noticed that...

**Describe the feature:** Today we can only compare the first 100 fields with 2 docs. This prevents us from looking at and comparing other fields without having to add them...

Labels: needs-team