fixed multiple tags issue

2024-11-06 17:35:19 +00:00 · 2019-03-06 06:09:37 +01:00 · 2019-03-06 06:09:37 +01:00 · 8bec627ff1
commit 8bec627ff1
parent 5154460726
2 changed files with 0 additions and 4 deletions
--- a/rules/windows/process_creation/win_susp_svchost.yml
+++ b/rules/windows/process_creation/win_susp_svchost.yml
@ -20,8 +20,6 @@ detection:
 fields:
    - CommandLine
    - ParentCommandLine
-tags:
-    - attack.defense_evasion
 falsepositives:
    - Unknown
 level: high
--- a/rules/windows/process_creation/win_system_exe_anomaly.yml
+++ b/rules/windows/process_creation/win_system_exe_anomaly.yml
@ -29,8 +29,6 @@ detection:
            - '*\System32\\*'
            - '*\SysWow64\\*'
    condition: selection and not filter
-tags:
-    - attack.defense_evasion
 falsepositives:
    - Exotic software
 level: high