* refresh to latest ATT&CK 7.2 * add new unit test to further validate threat mappings * updated threat mappings in rules to reflect changes * new func to download and refresh mitre data based on version
* [New Rule] Suspicious dotNet Comilper Parent Process * Update rules/windows/execution_suspicious_dotnet_compiler_parent_process.toml Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> * Update rules/windows/execution_suspicious_dotnet_compiler_parent_process.toml Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> * Update rules/windows/execution_suspicious_dotnet_compiler_parent_process.toml Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> * Update rules/windows/execution_suspicious_dotnet_compiler_parent_process.toml Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com> * Update rules/windows/execution_suspicious_dotnet_compiler_parent_process.toml Co-authored-by: David French <56409778+threat-punter@users.noreply.github.com> * Update rules/windows/execution_suspicious_dotnet_compiler_parent_process.toml Co-authored-by: David French <56409778+threat-punter@users.noreply.github.com> Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com> Co-authored-by: David French <56409778+threat-punter@users.noreply.github.com>
Justin Ibarra