Deprecated Detections
| Name | Data Source | Technique | Type | Analytic Story | Date |
|---|---|---|---|---|---|
| Windows AD Suspicious GPO Modification | Windows Event Log Security 5136, Windows Event Log Security 5145 | Windows File and Directory Permissions Modification Group Policy Modification | TTP | Sneaky Active Directory Persistence Tricks | 2025-06-16 |