This update to Sysmon logs stream content for alternate data streams, introduces the `is-any` filter condition and includes a number of important bugfixes.
Sigcheck v2.80
Sigcheck, a flexible tool for showing file versions, file signatures, and certificate stores, introduces a -p option for specifying a trust GUID for signature verification, and it now shows certificate signing chains even when a certificate in the chain is untrusted.
Autoruns v13.98
This release of Autoruns resolves an issue where Microsoft Defender binaries were being flagged as unsigned.
Watch Mark Russinovich discuss these including demos of the new features in Sysmon and Sigcheck at https://youtu.be/HCZlJDKUqn0
