5bc3d1e2d5
[New Rule] Okta User Session Impersonation ( #1867 )
...
* [New Rule] Okta User Session Impersonation
Co-authored-by: Jonhnathan <jonhnathancesar@gmail.com >
(cherry picked from commit 46c2383e5b
2022-03-23 00:13:53 +00:00
73b3bec457
[Security Content] Update rules based on docs review ( #1803 )
...
* Adds suggestions from security-docs
* Update rules/windows/lateral_movement_powershell_remoting_target.toml
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com >
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com >
(cherry picked from commit 1c50f35aed
2022-03-02 00:41:56 +00:00
948e484070
[Rule tuning] Update rules based on docs review ( #1663 )
...
* [Rule tuning] Update rule verbiage based on docs review
* fix typos
Co-authored-by: Jonhnathan <jonhnathancesar@gmail.com >
* revert TI rule changes since it was deprecated
Co-authored-by: Jonhnathan <jonhnathancesar@gmail.com >
(cherry picked from commit 72c64de3f5
2022-01-28 19:43:39 +00:00
15d6244331
Create credential_access_mfa_push_brute_force.toml ( #1682 )
...
(cherry picked from commit 7e4325dd7a
2022-01-27 12:40:11 +00:00
4524c175c8
Add missing Integration field ( #1537 )
...
* Add missing Integration field
* Bump updated_date
* Add test for integration<->path
* Fix rule folder
* bump updated date in rule
Co-authored-by: brokensound77 <brokensound77@users.noreply.github.com >
2021-10-26 12:05:12 -03:00
3b0d2006b7
Made these pull requests before the directory restructure. ( #1517 )
...
Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com >
2021-10-05 09:29:40 -03:00
1882f4456c
[Fleet] Track integrations in folder and metadata ( #1372 )
...
* Track integrations in folder and metadata
* Remove duplicate entry
* Update note and tests
2021-07-21 15:24:56 -06:00
Justin Ibarra