From 698e830f9fea1d5ff73ab63f1fbdbfeff760f720 Mon Sep 17 00:00:00 2001
From: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Date: Thu, 8 Aug 2024 11:47:48 -0400
Subject: [PATCH] [Rule Tuning] Removing Minimum Stack Compatibility (#3974)

* removing min-stack
* removing min-stack
* updating date
---
 rules/cross-platform/execution_python_script_in_cmdline.toml | 4 +---
 rules/windows/credential_access_dcsync_user_backdoor.toml | 4 +---
 .../initial_access_evasion_suspicious_htm_file_creation.toml | 4 +---
 rules/windows/persistence_startup_folder_scripts.toml | 4 +---
 4 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/rules/cross-platform/execution_python_script_in_cmdline.toml b/rules/cross-platform/execution_python_script_in_cmdline.toml
index c8994d36c..1f8237443 100644
--- a/rules/cross-platform/execution_python_script_in_cmdline.toml
+++ b/rules/cross-platform/execution_python_script_in_cmdline.toml
@@ -2,9 +2,7 @@
 creation_date = "2021/01/13"
 integration = ["endpoint"]
 maturity = "development"
-min_stack_comments = "New fields added: required_fields, related_integrations, setup"
-min_stack_version = "8.3.0"
-updated_date = "2023/10/19"
+updated_date = "2024/08/08"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/windows/credential_access_dcsync_user_backdoor.toml b/rules/windows/credential_access_dcsync_user_backdoor.toml
index ecfdf735f..40ad071a9 100644
--- a/rules/windows/credential_access_dcsync_user_backdoor.toml
+++ b/rules/windows/credential_access_dcsync_user_backdoor.toml
@@ -2,9 +2,7 @@
 creation_date = "2024/07/10"
 integration = ["system", "windows"]
 maturity = "production"
-min_stack_comments = "New fields added: required_fields, related_integrations, setup"
-min_stack_version = "8.3.0"
-updated_date = "2024/07/10"
+updated_date = "2024/08/08"
 
 [rule]
 author = ["Elastic"]
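Review bot: With `min_stack_version = "8.3.0"` removed from the metadata here and in the other three files, nothing on the new side records which stack these rules need, and the commit message does not say why the floor is no longer required. The removed `min_stack_comments` tied that floor to `required_fields`, `related_integrations` and `setup`; the rule bodies lie outside the hunks, so whether they still depend on those fields is not visible. If any release branch still packaged from this repo is older than 8.3.0, the three `maturity = "production"` rules would presumably be shipped to a stack that cannot load them, which would drop detection coverage silently. It is worth confirming the lowest supported stack version and stating it in the PR description.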
diff --git a/rules/windows/initial_access_evasion_suspicious_htm_file_creation.toml b/rules/windows/initial_access_evasion_suspicious_htm_file_creation.toml
index dc6f5b5fb..9833b3ed3 100644
--- a/rules/windows/initial_access_evasion_suspicious_htm_file_creation.toml
+++ b/rules/windows/initial_access_evasion_suspicious_htm_file_creation.toml
@@ -2,9 +2,7 @@
 creation_date = "2022/07/03"
 integration = ["endpoint"]
 maturity = "production"
-min_stack_comments = "New fields added: required_fields, related_integrations, setup"
-min_stack_version = "8.3.0"
-updated_date = "2024/08/06"
+updated_date = "2024/08/08"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/windows/persistence_startup_folder_scripts.toml b/rules/windows/persistence_startup_folder_scripts.toml
index 4e7f0fe7a..548f05448 100644
--- a/rules/windows/persistence_startup_folder_scripts.toml
+++ b/rules/windows/persistence_startup_folder_scripts.toml
@@ -2,9 +2,7 @@
 creation_date = "2020/11/18"
 integration = ["endpoint", "windows"]
 maturity = "production"
-min_stack_comments = "New fields added: required_fields, related_integrations, setup"
-min_stack_version = "8.3.0"
-updated_date = "2024/08/06"
+updated_date = "2024/08/08"
 
 [transform]
 [[transform.osquery]]