Hello guys,
Who has managed to create rules for:
1. suspicious network network
2. rules to prevent lateral movement
3. rule to prevent GPO changes
and finally a
4. rule to prevent privilege escalation
*Suspicious network traffic