Sigma Rule Tests

Added rules to detect lolbas provlaunch.exe and also filter on legitimate system non-wmiprvse processes loading WMI modules #13120

Sign in to view logs

Triggered via pull request August 2, 2023 13:54

swachchhanda000

synchronize #4316

swachchhanda000:master

Status Success

Total duration 9m 1s

Artifacts –

sigma-test.yml

on: pull_request

test-sigma-logsource

check-baseline-win7

check-baseline-win10

check-baseline-win11

check-baseline-win2022

check-baseline-win2022-domain-controller

check-baseline-win2022-0-20348-azure