[Rule Tuning] Added Kubernetes Data Source Tag (#4831)

2025-06-24 13:18:58 +02:00
parent 4b20d69c03
commit e666cabb3d
4 changed files with 8 additions and 4 deletions
@@ -2,7 +2,7 @@
 creation_date = "2025/06/17"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2025/06/17"
+updated_date = "2025/06/19"

 [rule]
 author = ["Elastic"]
@@ -49,6 +49,7 @@ severity = "medium"
 tags = [
    "Domain: Endpoint",
    "Domain: Container",
+    "Domain: Kubernetes",
    "OS: Linux",
    "Use Case: Threat Detection",
    "Tactic: Credential Access",
@@ -2,7 +2,7 @@
 creation_date = "2025/06/17"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2025/06/17"
+updated_date = "2025/06/19"

 [rule]
 author = ["Elastic"]
@@ -56,6 +56,7 @@ severity = "low"
 tags = [
    "Domain: Endpoint",
    "Domain: Container",
+    "Domain: Kubernetes",
    "OS: Linux",
    "Use Case: Threat Detection",
    "Tactic: Discovery",
@@ -2,7 +2,7 @@
 creation_date = "2025/06/17"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2025/06/17"
+updated_date = "2025/06/19"

 [rule]
 author = ["Elastic"]
@@ -52,6 +52,7 @@ severity = "low"
 tags = [
    "Domain: Endpoint",
    "Domain: Container",
+    "Domain: Kubernetes",
    "OS: Linux",
    "Use Case: Threat Detection",
    "Tactic: Discovery",
@@ -2,7 +2,7 @@
 creation_date = "2025/06/17"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2025/06/17"
+updated_date = "2025/06/19"

 [rule]
 author = ["Elastic"]
@@ -53,6 +53,7 @@ severity = "medium"
 tags = [
    "Domain: Endpoint",
    "Domain: Container",
+    "Domain: Kubernetes",
    "OS: Linux",
    "Use Case: Threat Detection",
    "Tactic: Lateral Movement",