January 2024 WDAC Advanced Hunting changes
Andrew Microsoft today published an update advisory for Windows Defender Application Control (WDAC) Advanced Hunting changes that could have an impact if you have any hunting rules or dashboards in place.…
Deploying Sentinel analytic rules from DevOps
There is a Microsoft Sentinel feature currently in public preview that allow you to deploy custom Sentinel content from DevOps or GitHub, such as analytic rules. The linked article provides…
Confirm what WDAC policies are present on a device
Windows Defender Application Control (WDAC) is an application control system integrated into Windows 10/11 and is used within Enterprise to whitelist trusted applications, allowing them to run, and blocking either…