ion-storm/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
PowerShell · LGPL-2.1
Issues
Duplicate
#31 opened by W00dyW00dy - 0
Duplicate
#30 opened by W00dyW00dy - 0
Duble configs
#19 opened by VadimKutia - 1
Event ID 27
#21 opened by VadimKutia - 4
Current version is blocking October KB's from installing and creates a loop of undoing changes for 24+ hours
#18 opened by stondino00 - 0
ID 11
#16 opened by VadimKutia - 3
Add Antivirus exclusions
#13 opened by VadimKutia - 1
Eset
#15 opened by VadimKutia - 1
Add Opera to webbrousers
#14 opened by VadimKutia - 1
powershell.exel
#10 opened by VadimKutia - 2
`condition="excludes"` with `groupRelation="or"`
#11 opened by PiRomant - 4
Question on System Performance
#7 opened by coleJ98 - 0
Graylog Pipeline
#5 opened by 0xtf - 1
Sysmon schema version
#6 opened - 1
Please check this if you can ?
#3 opened by KaptainKool - 1
howto add this rule properly, help please
#2 opened by hanscees