security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
310 Commits 1 Branch 0 Tags
30cded7a2db07bd0fb945c9d6aa68a7167c19f24
Commit Graph

8 Commits

Author SHA1 Message Date
Justin Ibarra 97ee8cc9ac Refresh beats and ecs schemas and default to use latest to validate (#570) 
* Refresh beats and ecs schemas and default to use latest to validate
* remove incorrect ecs_version from zoom rule
* remove stale ecs_version from rules
 2020-12-01 13:24:20 -09:00
seth-goodwin 2065af89b1 [Rule Tuning] Tag Categorization Updates (#380) 
* Add new categorization tags

* Change updated_date to 2020/10/26

Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>, @bm11100
 2020-10-26 13:50:45 -05:00
Justin Ibarra a212008f8c [Rule Tuning] Remove event.module from rules for compatibility with agent integrations (#342) 2020-09-30 09:41:33 -08:00
Brent Murphy 6a1e97cd06 [Rule Tuning] Update AWS rules to account for Agent index (#256) 
* Update AWS rules

* chnage updated date
 2020-09-21 09:04:50 -04:00
Justin Ibarra 79a0dfefbe Add ECS 1.6.0 schema for validation testing (#220) 
* Add ecs 1.6.0 and refresh master ecs (2.0.0)
* update rule metadata to use ecs_version 1.6.0
 2020-08-27 11:54:49 -05:00
Brent Murphy 01b1e8be26 [Rule Tuning] Update Tags for Cloud Rules (#99) 
* [Rule Tuning] Update Tags for Cloud Rules

* commenting out specifying alphabetical tag order in rule formatter

* Update rule_formatter.py

* py lint

* Lint fix comments

* update modified dates

* Update credential_access_secretsmanager_getsecretvalue.toml

* adding Continuous Monitoring tag

* update tags

* fixed and in tags

Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
 2020-08-03 17:15:15 -04:00
Brent Murphy e08ff6c55d [Rule Tuning] Update Cloud rules with note field (#79) 
Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
 2020-07-21 12:27:42 -04:00
Samirbous 676be30199 [New rule] AWS Secrets Manager and System Manager 
Co-authored-by: Seth Goodwin <58222969+seth-goodwin@users.noreply.github.com>
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
Co-authored-by: Craig Chamberlain <randomuserid@users.noreply.github.com>
Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
 2020-07-08 12:48:04 -06:00