Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,447 questions
Microsoft Defender is generating event after wmic os get Caption - how to tune it?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 64%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAU%3C/text%3E%3C/svg%3E)
aaz-uzso (Sadowski, Lukasz)
1
Reputation point
Hello,
Is there any way to tune running this command: wmic os get Caption?
Some users from our company are using tools which finally are running this command we are having event
"Suspicious sequence of exploitation activities" in Microsoft Defender.
Can we tune it somehow?
Best Regards,
Łukasz Sadowski