mirror of
https://github.com/socfortress/Wazuh-Rules.git
synced 2025-10-23 08:12:16 +00:00
Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT1.xml
This commit is contained in:
taylor_socfortress
committed by
GitHub
GitHub
parent
59d1c5d41e
commit
5fe8d5c6f1
@@ -1167,6 +1167,8 @@
|
||||
<mitre>
|
||||
<id>T1134</id>
|
||||
</mitre>
|
||||
<options>no_full_log</options>
|
||||
<group>sysmon_event1,windows_sysmon_event1,</group>
|
||||
</rule>
|
||||
<!-- Rules 100600 - 100699: Correlation Rules -->
|
||||
<!-- Frequency rule to capture 3 sysmon event 1 Anomalies -->
|
||||
|
||||
Reference in New Issue
Block a user