Nexus 6192753a7a feat: detect EDR/XDR and third-party AV in passive mode (#15) ... CrowdStrike Falcon and other EDR/XDR products don't register in WMI SecurityCenter2, but put Defender in Passive Mode. This caused ASR rules to either silently fail or throw errors. New 3-layer detection: - Layer 1: WMI SecurityCenter2 (traditional AV: Bitdefender, Kaspersky, etc.) - Layer 2: Defender Passive Mode via Get-MpComputerStatus (EDR/XDR) - Layer 3: 18 known EDR service names for display identification Changes: - Utils/Dependencies.ps1: New Test-ThirdPartySecurityProduct function, updated Test-WindowsDefenderAvailable with IsPassiveMode property, updated Test-AllDependencies to handle passive mode gracefully - Modules/ASR/Public/Invoke-ASRRules.ps1: Detection runs before Defender service check, inline fallback for standalone execution - Tools/Verify-Complete-Hardening.ps1: Same 3-layer detection, ASR counted as 19/19 verified when third-party product detected Closes #15 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-03-23 20:41:38 +01:00
..
_ModuleTemplate	v2.2.0 - Complete Security Hardening Framework (632 Settings)	2025-12-08 10:32:49 +01:00
AdvancedSecurity	chore: complete version alignment 2.2.2 → 2.2.3 across all module files	2026-03-05 08:37:07 +01:00
AntiAI	chore: complete version alignment 2.2.2 → 2.2.3 across all module files	2026-03-05 08:37:07 +01:00
ASR	feat: detect EDR/XDR and third-party AV in passive mode (#15)	2026-03-23 20:41:38 +01:00
DNS	release: v2.2.3 - Fix Restore Mode module selection crash	2026-01-07 18:46:14 +01:00
EdgeHardening	release: v2.2.3 - Fix Restore Mode module selection crash	2026-01-07 18:46:14 +01:00
Privacy	chore: complete version alignment 2.2.2 → 2.2.3 across all module files	2026-03-05 08:37:07 +01:00
SecurityBaseline	release: v2.2.3 - Fix Restore Mode module selection crash	2026-01-07 18:46:14 +01:00