 frack113
|
7060db3d47
|
Promotion rules (#3821)
* Promotion rules
* fix missing null
* fix: modified date
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2022-12-27 12:29:10 +01:00 |
|
|
frack113
|
646351808e
|
Refractor (#3794)
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2022-12-18 21:00:14 +01:00 |
|
|
Nasreddine Bencherchali
|
80ef3b70dc
|
fix: broken single item lists
|
2022-12-08 16:23:58 +01:00 |
|
|
frack113
|
7b55972146
|
Order yaml field
|
2022-10-25 06:48:55 +02:00 |
|
|
frack113
|
931fb30853
|
old experimental rule promotion
|
2022-10-09 16:54:04 +02:00 |
|
|
Florian Roth
|
f728893364
|
refactor: rule level adjustments - critical to high
|
2022-06-18 17:43:22 +02:00 |
|
|
Florian Roth
|
2a11e5bafa
|
refactor: rule addition
|
2022-05-12 18:10:06 +02:00 |
|
|
Florian Roth
|
1b9ce19b2c
|
fix: several issues
|
2022-05-12 17:30:30 +02:00 |
|
|
Florian Roth
|
2cd5a93fb6
|
refactor: update antivirus rules
|
2022-05-12 17:19:46 +02:00 |
|
|
Florian Roth
|
0dfd802579
|
Merge pull request #2837 from SigmaHQ/log-source-cleanup
Log source cleanup
|
2022-03-24 21:26:46 +01:00 |
|
|
Florian Roth
|
213f7fff5c
|
refactor: make antivirus a category
|
2022-03-24 11:59:33 +01:00 |
|
|
Tim Shelton
|
6ab396fd66
|
FP another variation of symantec submitting file for analysis, reduced words to catch both
|
2022-03-22 21:43:33 +00:00 |
|
|
Tim Shelton
|
c58f3d0351
|
Filtering of symantec submission for analysis
|
2022-03-16 19:07:15 +00:00 |
|
|
markus-nclose
|
4c2a3c3036
|
CobaltStrike typo
This typo keeps sneaking back in - critical for detection.
Spelling correct according to https://www.nextron-systems.com/wp-content/uploads/2018/09/Antivirus_Event_Analysis_CheatSheet_1.5-2.pdf
|
2022-02-02 07:31:48 +02:00 |
|
|
frack113
|
eb22807ddc
|
Order rules
|
2022-01-20 22:06:55 +01:00 |
|