security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
efe2c9bbcb1a84b549a56242b98b4fa9eeb9aff3
blue-team-tools/rules/cloud
T
History
Mark Morowczynski efe2c9bbcb Merge PR #4423 from @MarkMorow - Add Azure AD Identity Protection Rules 
new: Anomalous User Activity
new: Activity From Anonymous IP Address
new: Atypical Travel
new: Impossible Travel
new: Suspicious Inbox Forwarding Identity Protection
new: Suspicious Inbox Manipulation Rules
new: Azure AD Account Credential Leaked
new: Sign-In From Malware Infected IP
new: New Country
new: Password Spray Activity
new: Suspicious Browser Activity
new: SAML Token Issuer Anomaly
new: Unfamiliar Sign-In Properties

---------

Co-authored-by: gleeiamglo <142270304+gleeiamglo@users.noreply.github.com>
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-09-06 10:56:13 +02:00
..
aws
Merge pull request #4294 from @danielbohannon - Permiso p0-LUCR-1 (aka GUI-vil)
2023-08-24 12:21:34 +02:00
azure
Merge PR #4423 from @MarkMorow - Add Azure AD Identity Protection Rules
2023-09-06 10:56:13 +02:00
gcp
Promotion rules (#3821)
2022-12-27 12:29:10 +01:00
github
fix: typos in multiple rules (#4011)
2023-02-06 13:53:23 +01:00
gworkspace
Promotion rules (#3821)
2022-12-27 12:29:10 +01:00
m365
change status to test
2023-01-27 06:48:34 +01:00
okta
Update rules/cloud/okta/okta_fastpass_phishing_detection.yml
2023-05-10 01:18:00 -05:00
onelogin
Promotion rules (#3821)
2022-12-27 12:29:10 +01:00