Added rules to detect lolbas provlaunch.exe and also filter on legitimate system non-wmiprvse processes loading WMI modules #13111
sigma-test.yml
on: pull_request
yamllint
28s
test-sigma
6m 8s
check-baseline-win7
5s
check-baseline-win10
2m 15s
check-baseline-win11
4m 32s
check-baseline-win2022
29s
check-baseline-win2022-domain-controller
1m 1s
check-baseline-win2022-0-20348-azure
2m 51s