MA

Matt Anderson

First rule: Sun Jan 01 2017 00:00:00 GMT+0000 (Coordinated Universal Time)

Share profile card

0rules authored

9sole author

10co-authored

Top Log Sources

windows / process_creation

windows / file_event

windows / security

Rule Types

11 emerging threat

7 threat hunting

By Severity

critical

2

high

8

medium

8

low

0

informational

1

By Status

stable

0

test

10

experimental

9

deprecated

0

unsupported

0

0

Total Rules

0

Stable Rules

0

High / Critical

0

Log Source Types

Recent RulesAll rules →

Devcon Execution Disabling VMware VMCI Device

Fri Jan 02 2026 00:00:00 GMT+0000 (Coordinated Universal Time)

PUA - Kernel Driver Utility (KDU) Execution

Fri Jan 02 2026 00:00:00 GMT+0000 (Coordinated Universal Time)

Delete Defender Scan ShellEx Context Menu Registry Key

Fri Jul 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

mediumDetection

PowerShell Defender Threat Severity Default Action Set to 'Allow' or 'NoAction'

Fri Jul 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

Windows Defender Threat Severity Default Action Modified

Fri Jul 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

Windows Defender Context Menu Removed

Wed Jul 09 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

Browse all 19 rules by Matt Anderson

Filter the full rule library to see only their contributions