be3af09d9d
[Rule Tuning] Misc. Linux Community Tunings ( #5160 )
...
* [Rule Tuning] Misc. Linux Community Tunings
* ++
* Fix query syntax in execution_unusual_path_invocation rule
* Refactor process.parent conditions for clarity
2025-10-06 12:05:59 +02:00
1c98a0d64c
[Rule Tuning] Linux DR Tuning - Part 3 ( #4420 )
...
* Initial set
* [Rule Tuning] Linux DR - Part 3
* ++
* Update execution_unusual_path_invocation_from_command_line.toml
* Update execution_unusual_path_invocation_from_command_line.toml
2025-02-03 13:17:00 +01:00
fe8c81d762
[FR] Generate investigation guides ( #4358 )
2025-01-22 11:17:38 -06:00
75c7c09595
[New Rule] Suspicious Path Invocation from Command Line ( #4338 )
2025-01-16 10:20:37 +01:00
Ruben Groenewoud