Sigma Rule Tests

Added rules to detect lolbas provlaunch.exe and also filter on legitimate system non-wmiprvse processes loading WMI modules #13111

Sign in to view logs

Triggered via pull request August 2, 2023 05:51

swachchhanda000

synchronize #4316

swachchhanda000:master

Status Success

Total duration 7m 55s

Artifacts –

sigma-test.yml

on: pull_request

test-sigma-logsource

check-baseline-win7

check-baseline-win10

check-baseline-win11

check-baseline-win2022

check-baseline-win2022-domain-controller

check-baseline-win2022-0-20348-azure