Phoenix
Sigma Intelligence
Beta
Home
Detections
Rules
Authors
MITRE
KB
Convert
Analytics
Coverage
Field Explorer
Testing
Ecosystem
Releases
About
Team
Philosophy
Search Rules
Rule Library
Sigma Rules
1 rule found
3,707
Total
3,116
Detection
451
Emerging
137
Hunting
Filters
Detection
high
test
Sysmon Configuration Modification
Detects when an attacker tries to hide from Sysmon by disabling or stopping it
Windows
sysmon_status
TA0005 · Defense Evasion
T1564 · Hide Artifacts
François Hubaut
Fri Jun 04
windows