Ossec APT Rules The APT rules are basically based on 3 log types, which are file changes, registry actions, and authorizations. The APTs that are still active in 2016 and after are examined and the rules specific to these APTs have been revealed.
Getting Started
Versioning
Authors Adem Simsek
License
Acknowledgments