[Deprecate] Potential Process Herpaderping Attempt (#3336)

* Update and rename defense_evasion_potential_processherpaderping.toml to defense_evasion_potential_processherpaderping.toml * Rename defense_evasion_potential_processherpaderping.toml to defense_evasion_potential_processherpaderping.toml * ++ --------- Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
2023-12-19 20:59:48 +00:00
parent eafec1d857
commit 341499a2bc
1 changed files with 10 additions and 3 deletions
@@ -1,10 +1,11 @@
 [metadata]
 creation_date = "2020/10/27"
+deprecation_date = "2023/12/15"
 integration = ["endpoint", "windows"]
-maturity = "production"
+maturity = "deprecated"
 min_stack_comments = "New fields added: required_fields, related_integrations, setup"
 min_stack_version = "8.3.0"
-updated_date = "2023/06/22"
+updated_date = "2023/12/15"

 [rule]
 author = ["Elastic"]
@@ -21,7 +22,13 @@ references = ["https://github.com/jxy-s/herpaderping"]
 risk_score = 73
 rule_id = "ccc55af4-9882-4c67-87b4-449a7ae8079c"
 severity = "high"
-tags = ["Domain: Endpoint", "OS: Windows", "Use Case: Threat Detection", "Tactic: Defense Evasion", "Data Source: Elastic Defend"]
+tags = [
+    "Domain: Endpoint",
+    "OS: Windows",
+    "Use Case: Threat Detection",
+    "Tactic: Defense Evasion",
+    "Data Source: Elastic Defend",
+]
 type = "eql"

 query = '''