sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Terrance DeJesus	deab1c0161	[Rule Tuning] Change event.dataset to data_stream.dataset (#5943 ) * [Rule Tuning] Change event.dataset to data_stream.dataset * updating ESQL field names	2026-04-10 12:27:52 -04:00
shashank-elastic	199a4d6160	Monthly Manifest and Schema Updation (#5920 )	2026-04-06 17:35:33 +05:30
Ruben Groenewoud	c6f843ef9d	[New Rules] LiteLLM & Trivy TeamPCP Compromise (#5885 ) * [New Rules] LiteLLM & Trivy TeamPCP Compromise * ++ * Apply suggestion from @Samirbous Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com> * Apply suggestion from @Samirbous Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com> * ++ * ++ * Update rules/cross-platform/collection_data_encrypted_via_openssl.toml Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com> * Update rules/cross-platform/collection_data_encrypted_via_openssl.toml Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com> * ++ * ++ * ++ * ++ * Update rules/cross-platform/execution_suspicious_python_command_execution.toml Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> * Update rules/cross-platform/execution_suspicious_python_command_execution.toml Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> * Update rules/cross-platform/defense_evasion_data_encrypted_via_openssl.toml Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com> * Update rules/cross-platform/defense_evasion_data_encrypted_via_openssl.toml Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com> * ++ * ++ * ++ * ++ --------- Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com> Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>	2026-03-26 11:16:30 -05:00

Author

SHA1

Message

Date

Terrance DeJesus

deab1c0161

[Rule Tuning] Change event.dataset to data_stream.dataset (#5943 )

* [Rule Tuning] Change event.dataset to data_stream.dataset

* updating ESQL field names

2026-04-10 12:27:52 -04:00

shashank-elastic

199a4d6160

Monthly Manifest and Schema Updation (#5920 )

2026-04-06 17:35:33 +05:30

Ruben Groenewoud

c6f843ef9d

[New Rules] LiteLLM & Trivy TeamPCP Compromise (#5885 )

* [New Rules] LiteLLM & Trivy TeamPCP Compromise

* ++

* Apply suggestion from @Samirbous

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>

* Apply suggestion from @Samirbous

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>

* ++

* ++

* Update rules/cross-platform/collection_data_encrypted_via_openssl.toml

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>

* Update rules/cross-platform/collection_data_encrypted_via_openssl.toml

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>

* ++

* ++

* ++

* ++

* Update rules/cross-platform/execution_suspicious_python_command_execution.toml

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

* Update rules/cross-platform/execution_suspicious_python_command_execution.toml

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

* Update rules/cross-platform/defense_evasion_data_encrypted_via_openssl.toml

Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>

* Update rules/cross-platform/defense_evasion_data_encrypted_via_openssl.toml

Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>

* ++

* ++

* ++

* ++

---------

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>

2026-03-26 11:16:30 -05:00

3 Commits