Antivirus Filter Driver Disallowed On Dev Drive - Deleted Key
Nasreddine Bencherchali (Nextron Systems)
Detects the deletion of a registry value related to "Dev Drive" Antivirus monitoring. An attacker might delete this in order to avoid security monitoring in dev drives.
Nextron Sigma feed only (private)