Justin Ibarra
97ee8cc9ac
Refresh beats and ecs schemas and default to use latest to validate (#570)
...
* Refresh beats and ecs schemas and default to use latest to validate
* remove incorrect ecs_version from zoom rule
* remove stale ecs_version from rules
2020-12-01 13:24:20 -09:00
brokensound77
75d37e9271
Merge remote-tracking branch 'upstream/main' into mergeback/7.10-to-main
2020-11-12 00:59:31 -09:00
brokensound77
123d523cf0
lock version changes for 7.10
2020-11-12 00:52:44 -09:00
Justin Ibarra
fda1e7ef94
Bump zoom rule to production (#427)
2020-10-29 11:02:29 -08:00
Justin Ibarra
442b31bd2f
Update packages.yml
2020-10-26 12:07:34 -08:00
Justin Ibarra
7c1e9c1ed5
Update package summary extras produced during package generation (#341)
...
* update summary.txt
* add summary.xlsx
* add changelog entry autogeneration
2020-09-30 14:43:45 -08:00
Justin Ibarra
aecf355582
Refresh beats schema for validation to 7.9.2 (#347)
2020-09-30 09:35:13 -08:00
Justin Ibarra
065bcd8018
Refresh ATT&CK data to v7.2 and expand threat validation (#330)
...
* refresh to latest ATT&CK 7.2
* add new unit test to further validate threat mappings
* updated threat mappings in rules to reflect changes
* new func to download and refresh mitre data based on version
2020-09-23 22:03:29 -08:00
Justin Ibarra
6ad3344af3
Collect unique query fields per rule (#296)
2020-09-23 14:36:34 -08:00
Justin Ibarra
b8e0c379c5
Update packages.yml
2020-09-02 14:10:46 -05:00
brokensound77
aec3ec31b9
Merge branch '7.9' into main
2020-08-27 15:54:44 -08:00
Justin Ibarra
4ffdc46ba7
Lock rule versions (#207)
2020-08-27 17:47:29 -05:00
Justin Ibarra
79a0dfefbe
Add ECS 1.6.0 schema for validation testing (#220)
...
* Add ecs 1.6.0 and refresh master ecs (2.0.0)
* update rule metadata to use ecs_version 1.6.0
2020-08-27 11:54:49 -05:00
Justin Ibarra
9b70383898
Refresh ecs master and add beats v7.8.1 schemas (#156)
2020-08-17 12:33:20 -05:00
Ross Wolf
69a5b7e409
Lock versions for 7.9 release
2020-08-04 13:35:14 -06:00
Ross Wolf
db4f50d4b8
Improve the validation and testing time (#61)
...
* Improve the validation and testing time
* Lint fix
* Cache schema validation
2020-07-15 08:05:55 -06:00
Craig Chamberlain
a2a0b2bf0c
[New Rule] AWS EC2 Snapshot Activity
...
Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
Co-authored-by: David French <56409778+threat-punter@users.noreply.github.com>
2020-07-07 15:10:06 -06:00
Ross Wolf
e2d97b0a74
Remove unreachable and legacy code
...
Co-Authored-By: Justin Ibarra <brokensound77@users.noreply.github.com>
2020-06-30 10:12:23 -06:00
Ross Wolf
3b305d3003
Add rule loader and dependencies
...
Co-Authored-By: Justin Ibarra <brokensound77@users.noreply.github.com>
2020-06-29 23:17:42 -06:00