security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,585 Commits 1 Branch 0 Tags
1dfb05ec1cd5604db32e7ac602fd28435c19eb65
Commit Graph

5 Commits

Author SHA1 Message Date
Mika Ayenson fe8c81d762 [FR] Generate investigation guides (#4358) 2025-01-22 11:17:38 -06:00
shashank-elastic f0291b440a Minstack endpoint rules with process.group.id fields (#4294) 2024-12-10 21:03:32 +05:30
Ruben Groenewoud ac6a49eeea [Rule Tuning] Q2 Linux DR Tuning - Part 6 (#4167) 2024-10-18 16:25:54 +02:00
Mika Ayenson b80d8342d6 [Docs | Rule Tuning] Add blog references to rules (#4097) 
* [Docs | Rule Tuning] Add blog references to rules

* Apply suggestions from code review

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>

* Apply suggestions from code review

* Update google_workspace blog references

* add okta blog references

* Update dates

---------

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
 2024-09-25 15:19:20 -05:00
Ruben Groenewoud c3ba7b1262 [New Rule] Privilege Escalation via SUID/SGID (#3793) 
* [New Rule] Privilege Escalation via SUID/SGID

* unit test error fix?

* Update rules/linux/privilege_escalation_potential_suid_sgid_exploitation.toml
 2024-06-27 16:50:09 +02:00