Good Summary including links, KQL, PowerShell, etc. https://t.co/kODDn0t39J #KQL #PowerShell #ASRRules #MicrosoftDefender

Great to see it is now available in the MEM Portal. #ASRrules

So i made an api endpoint, rendered a webpage, and even stored the asrRules in a DNS txt record for stealthy access. If you dont know what these are for or why they are cool watch for follow up posts Credit to: @BlackSnufkin42 for the base powershell script behind the

https://t.co/SOabwqyz2b #MicrosoftDefender #Intune #ASRRules #EndpointSecurity

So exited to share my second query - ASR rules detection in Microsoft Sentinel GitHub, Hunting repo 🎉🎉🎉 ✅ KQL : https://t.co/M9bzCfPAN6 #MDE #EPP #EDR #ASR #ASRrules

Its party time this weekend #ASRrules http://twitpic.com/2d56iw

If you missed NinjaShow yesterday, you can watch it on YouTube!! I talked about #KQL, #AdvancedHunting in #MDE. Focused on #ASRrules and #WebProtection data visualization. https://t.co/85IcYAp4vR

Joder, no me imaginaba que hoy en día 6 euros en una discoteca dieran para semejante trozo que llevo encima #AsrRules

@DebugPrivilege Through Azure I'm using a custom DSC module but here is the simple version of it -

@GrnEyedCED I share the excitement! #Asrrules

Are you experiencing issues with your ASR rules? In one of my latest blogposts I explain how you can create ASR exclusion and deploy with Intune. #ASRrules #Exclusion #Microsoft #Intune #Windows Create an ASR Rules Exclusion -

Al fin juntos! 👌😊🎉 #ASRrules http://t.co/xji7UBZhAZ

@neutroncore @DeviceDeploy Based on what I'm seeing, the settings do get tattooed When we set ASR rules from ConfigMgr, and it will set the registry values under \SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager ASRRules (String) Removing policy leaves the entry, so cleanup seems to be needed

We continue our #intune deep dive by looking at #asrrules #blueteam #cybersecurity #securebydesign https://t.co/s2UcvQKDpk