Hello
who has managed to come up with
rules to detect GPO changes
rules to detect priviledge escallation att
rules to detect and alert when lateral movement is initiated
rules for detecting suspicious network suspicious network traffic during non office hours
kindly share.
