Using Advanced KQL to Audit Attack Surface Reduction Rules
Auditing Attack Surface Reduction (ASR) rules can generate overwhelming data. In this blog, we walk through the different ways of verifying the audit results, different types of exclusions, and provide an advanced KQL that surfaces detailed information.