Is there a defender advance hunting query that can detect audited data of Microsoft potential unwanted application?
If there is then how to determine the false positive?
I tried creating advance hunting query myself but they're basics. I'm looking for a query that can display audited log of Potential unwanted application and their filename, deviecname, SHA1, and threatname.
