Nov 26 2021 11:23 AM
We are currently building a PoC for a customer.
We are about 100 Windows 10 onboard into MDE.
Customer is in healthcare thus many users have local Admin privilege.
During a test phase, customer was able to run https://www.spyshelter.com/security-test-tool/
Keylogging could run
Registry entry modification could run
Many other stuff could run
Nothing came up in MDE Alerts.
Can someone explain why no alert
Nov 26 2021 10:07 PM
Nov 27 2021 09:44 AM
Nov 28 2021 09:26 PM
Nov 29 2021 05:23 AM
Nov 29 2021 06:47 PM