Detection - Blue Team

Event Logs and classification - https://github.com/mdecrevoisier/Microsoft-eventlog-mindmap/blob/main/windows-auditing-baseline-map/windows-auditing-baseline-map.png

https://dmcxblue.net/2022/11/10/playing-blue/

Detection With Low alerts

https://towardsdatascience.com/architecture-of-ai-driven-security-operations-with-a-low-false-positive-rate-a33dbbad55b4