 Jonhnathan
|
fccfafea6b
|
[Rule Tuning] Improve Detection Compatibility with Non-English Logs (#4410)
* [Rule Tuning] Improve Detection Compatibility with Non-English Logs
* Update rules/windows/persistence_dontexpirepasswd_account.toml
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
* Update credential_access_disable_kerberos_preauth.toml
---------
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
|
2025-01-23 16:12:42 -03:00 |
|
|
Mika Ayenson
|
fe8c81d762
|
[FR] Generate investigation guides (#4358)
|
2025-01-22 11:17:38 -06:00 |
|
|
shashank-elastic
|
92fe46b8ff
|
Fix Minstack version for windows integration (#4214)
|
2024-10-28 19:28:10 +05:30 |
|
|
Jonhnathan
|
f5069763b6
|
[Rule Tuning] Add System tag to DRs (#3968)
* [Rule Tuning] Add System tag to DRs
* bump
|
2024-08-09 11:14:33 -03:00 |
|
|
Terrance DeJesus
|
698e830f9f
|
[Rule Tuning] Removing Minimum Stack Compatibility (#3974)
* removing min-stack
* removing min-stack
* updating date
|
2024-08-08 11:47:48 -04:00 |
|
|
Jonhnathan
|
65cacb4960
|
[New Rule] Potential Active Directory Replication User Backdoor (#3014)
* [New Rule] Potential Active Directory Replication User Backdoor
* Update credential_access_dcsync_user_backdoor.toml
* Update rules/windows/credential_access_dcsync_user_backdoor.toml
Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
* Update rules/windows/credential_access_dcsync_user_backdoor.toml
* Update rules/windows/credential_access_dcsync_user_backdoor.toml
---------
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
|
2024-07-31 12:02:34 -03:00 |
|