object access auditing disable detector

drop security evtx csv · detect object access audit subcategory disabling · identify file system registry and sam auditing gaps · surface what file access was made invisible · runs locally