sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
shashank-elastic	f7aa477536	Correct Event Action to include endgame event schema (#2610 )	2023-04-20 17:28:01 +05:30
Justin Ibarra	59da2da474	[Rule Tuning] Ensure host information is in endpoint rule queries (#2593 ) * add unit tests to ensure host type and platform are included * add host.os.name 'linux' to all linux rules * add host.os.name macos to mac rules * add host.os.name to windows rules; fix linux dates * update from host.os.name to host.os.type Co-authored-by: brokensound77 <brokensound77@users.noreply.github.com> Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>	2023-03-05 11:41:19 -07:00
shashank-elastic	5f83433ecb	New Rule to identify potential linux credential dumping (#2604 )	2023-03-01 21:00:02 +05:30

Author

SHA1

Message

Date

shashank-elastic

f7aa477536

Correct Event Action to include endgame event schema (#2610 )

2023-04-20 17:28:01 +05:30

Justin Ibarra

59da2da474

[Rule Tuning] Ensure host information is in endpoint rule queries (#2593 )

* add unit tests to ensure host type and platform are included
* add host.os.name 'linux' to all linux rules
* add host.os.name macos to mac rules
* add host.os.name to windows rules; fix linux dates
* update from host.os.name to host.os.type

Co-authored-by: brokensound77 <brokensound77@users.noreply.github.com>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

2023-03-05 11:41:19 -07:00

shashank-elastic

5f83433ecb

New Rule to identify potential linux credential dumping (#2604 )

2023-03-01 21:00:02 +05:30

3 Commits