| Author | Commit | Message | Date |
|---|---|---|---|
| Ruben Groenewoud | 6b84542093 | [Rule Tuning] Linux DR Tuning - Part 5 (#4422)<br>* [Rule Tuning] Linux DR Tuning - Part 5<br>* Update rules/linux/persistence_xdg_autostart_netcon.toml | 2025-02-03 13:53:53 +01:00 |
| Mika Ayenson | fe8c81d762 | [FR] Generate investigation guides (#4358) | 2025-01-22 11:17:38 -06:00 |
| Ruben Groenewoud | 01eda44298 | [Rule Tuning] Linux Persistence Rules (#4393)<br>* [Rule Tuning] Linux Persistence Rules<br>* Update persistence_suspicious_file_modifications.toml<br>* Update rules/linux/persistence_potential_persistence_script_executable_bit_set.toml | 2025-01-20 09:51:49 +01:00 |
| Jonhnathan | 6b0b988d79 | [Rule Tuning] Linux 3rd Party EDR Support - Crowdstrike and S1 - 10 (#4357)<br>* [Rule Tuning] Linux 3rd Party EDR Support - Crowdstrike and S1 - 10<br>* Remaining ones | 2025-01-09 11:54:46 -03:00 |
| Mika Ayenson | b80d8342d6 | [Docs \| Rule Tuning] Add blog references to rules (#4097)<br>* [Docs \| Rule Tuning] Add blog references to rules<br>* Apply suggestions from code review<br>Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com><br>* Apply suggestions from code review<br>* Update google_workspace blog references<br>* add okta blog references<br>* Update dates<br>---------<br>Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com> | 2024-09-25 15:19:20 -05:00 |
| Ruben Groenewoud | 93d928625d | [Tuning] Executable Bit Set for Potential Persistence Script (#3929) | 2024-08-02 21:13:19 +02:00 |
| Ruben Groenewoud | 460b314f49 | [Rule Tuning] Executable Bit Set for Potential Persistence Script (#3812)<br>* [Rule Tuning] Executable Bit Set for Potential Persistence Script<br>* Update rules/linux/persistence_potential_persistence_script_executable_bit_set.toml<br>* Update persistence_potential_persistence_script_executable_bit_set.toml<br>---------<br>Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com> | 2024-06-27 21:29:30 +02:00 |