| Author | Commit | Message | Date |
|---|---|---|---|
| Ruben Groenewoud | 38e2e4766f | [Rule Tuning] Linux DR BBR Tuning (#5514)<br>* [Rule Tuning] Linux DR BBR Tuning<br>* Update discovery_getconf_execution.toml<br>* Fix typo in process.args for dscl command<br>* Update persistence_web_server_sus_file_creation.toml<br>---------<br>Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com> | 2026-01-07 16:52:40 +01:00 |
| shashank-elastic | d2502c7394 | Prep for Release 8.17 (#4256) | 2024-11-07 23:53:04 +05:30 |
| Ruben Groenewoud | 592ad0fe9a | [Rule Tuning] Q2 Linux DR Tuning - BBR (#4171)<br>* [Rule Tuning] Q2 Linux DR Tuning - BBR<br>* Update discovery_kernel_module_enumeration_via_proc.toml<br>* Update discovery_linux_modprobe_enumeration.toml<br>* Update discovery_linux_sysctl_enumeration.toml<br>* Update discovery_potential_memory_seeking_activity.toml<br>* Update discovery_potential_memory_seeking_activity.toml | 2024-10-18 16:45:23 +02:00 |
| shashank-elastic | a53f7d55a3 | Testcase to check if Rule Type: BBR tag is present for all BBR rules (#4048) | 2024-09-02 21:29:31 +05:30 |
| Ruben Groenewoud | 9f8638a004 | [Tuning] event.action and event.type change (#3495)<br>Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> | 2024-03-13 10:11:21 +01:00 |
| Jonhnathan | 458e67918a | [Security Content] Small tweaks on the setup guides (#3308)<br>* [Security Content] Small tweaks on the setup guides<br>* Additional Fixes<br>* Avoid touching deprecated rules | 2024-03-11 09:09:40 -03:00 |
| shashank-elastic | 1a2ef4b867 | Linux Process Capabilities Enrichment Detection Rules (#3366)<br>Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com | 2024-01-18 22:49:43 +05:30 |