From 5eb239ce482c044246dddab84636f62874ac8bcd Mon Sep 17 00:00:00 2001
From: bohops <jimmy@jbtech.us>
Date: Wed, 29 Sep 2021 08:16:37 -0400
Subject: [PATCH] Update Block Rule Credits - Add James Forshaw

James has discovered numerous WDAC bypasses and is credited with the addinprocess* findings.
---
 .../microsoft-recommended-block-rules.md                       | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
index d9e8974465..0a04135fbc 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
@@ -88,6 +88,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
 | `Alex Ionescu` | `@aionescu`|
 | `Brock Mammen`| |
 | `Casey Smith` | `@subTee` | 
+| `James Forshaw` | `@tiraniddo` |
 | `Jimmy Bayne` | `@bohops` |
 | `Lasse Trolle Borup` | `Langkjaer Cyber Defence` |
 | `Lee Christensen` | `@tifkin_` |
@@ -1555,4 +1556,4 @@ Select the correct version of each .dll for the Windows release you plan to supp
 
 ## More information
 
-- [Merge Windows Defender Application Control policies](merge-windows-defender-application-control-policies.md)
\ No newline at end of file
+- [Merge Windows Defender Application Control policies](merge-windows-defender-application-control-policies.md)