A quick post for the weekend. Windows 10 has an option to log processes and the loading of DLLs and drivers. The option can be turned on via the Code Integrity policy.
This is possible via PowerShell using the Code Integrity policy and the `ConvertFrom-CIPolicy` cmdlet. I came across the relevant information from Matt Graeber the other day via the following tweet.
Graeber introduced this approach in a sequence of tweets (this one is about user-mode logging). However, this may be old hat for administrators working with these policies.
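One way to set up such audit-only logging is sketched below as an added example; it is not taken from this post or from Graeber's tweets. It assumes the `DenyAllAudit.xml` example policy that ships with newer Windows 10 builds, the single-policy location `SIPolicy.p7b`, an elevated session, and a reboot to apply the policy; the working file names are made up for the example.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Test on a non-production machine first.

# Assumption: this example policy exists on the build in use.
$example = "$env:windir\schemas\CodeIntegrity\ExamplePolicies\DenyAllAudit.xml"
$workXml = "$env:TEMP\AuditAll.xml"      # hypothetical working copy
$binary  = "$env:TEMP\SIPolicy.p7b"      # hypothetical output file
$target  = "$env:windir\System32\CodeIntegrity\SIPolicy.p7b"

if (-not (Test-Path $example)) { throw "Example policy not found: $example" }
if (Test-Path $target) { throw "A policy is already deployed at $target; not overwriting it." }

Copy-Item $example $workXml -Force
Set-ItemProperty -Path $workXml -Name IsReadOnly -Value $false

Set-RuleOption -FilePath $workXml -Option 0   # Enabled:UMCI, so user-mode loads are covered
Set-RuleOption -FilePath $workXml -Option 3   # Enabled:Audit Mode, log instead of block

# Safety check: a deny-all policy without audit mode would block everything.
$options = ([xml](Get-Content $workXml -Raw)).SiPolicy.Rules.Rule.Option
if ($options -notcontains 'Enabled:Audit Mode') {
    throw 'Audit mode is not set; refusing to deploy.'
}

# Compile the XML policy to its binary form and stage it.
ConvertFrom-CIPolicy -XmlFilePath $workXml -BinaryFilePath $binary | Out-Null
Copy-Item $binary $target
Write-Host 'Policy staged. Reboot to apply it.'

# After the reboot: audit events have ID 3076 in the Code Integrity operational log.
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-CodeIntegrity/Operational'
    Id      = 3076
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message |
    Format-List
```

To stop the logging, delete the staged `SIPolicy.p7b` and reboot.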