Commit Graph

5 Commits

Author SHA1 Message Date
Terrance DeJesus bfca0ea414 [New Hunt] Commvault Supply Chain Threat (#4748)
* hunts for CommVault threat

* added lookback time to ESQL query

* updated query logic
2025-05-28 14:11:46 -04:00
Terrance DeJesus 909ff9c07e new hunt 'Microsoft Entra Infrequent Suspicious OData Client Requests' (#4708)
Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
2025-05-09 22:14:42 -04:00
Terrance DeJesus ba16e27edb [Rule Tuning] Tuning Azure Service Principal Credentials Added (#4570)
* tuning 'Azure Service Principal Credentials Added'

* updated patch version

* added investigation guide

* updating patch version

* updating patch version
2025-04-16 13:58:17 -04:00
Terrance DeJesus 7c4f334a00 [New Hunt] Adding Hunting Queries for Azure Entra Sign-In Anomalies (#4527)
* adding new hunts for Azure entra sign-in anomalies

* fixing commented query logic; added hydra user agent
2025-03-11 10:27:08 -04:00
Terrance DeJesus 1851ab91fd new hunting queries for Azure device code (#4468)
2025-02-21 11:00:34 -05:00