Suspicious Application Allowed Through Exploit Guard (42205c73-75c8-4a63-9db1-e3782e06fda0)

Detects applications being added to the "allowed applications" list of exploit guard in order to bypass controlled folder settings

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Suspicious Application Allowed Through Exploit Guard (42205c73-75c8-4a63-9db1-e3782e06fda0)	Sigma-Rules	Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579)	Attack Pattern	1
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529)	Attack Pattern	Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579)	Attack Pattern	2