* updating ES|QL rules to include KEEP command
* fixed some ES|QL rules with typos; added validation for KEEP command
* fixed ES|QL errors from missing fields
* fixed flake errors
* updated date
* added best practices to hunt docs

* [New Rule] Potential Widespread Malware Infection
* Update potential_widespread_malware_infection.toml
* .
* Update execution_potential_widespread_malware_infection.toml
* Update rules/cross-platform/execution_potential_widespread_malware_infection.toml
  Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>
* Update rules/cross-platform/execution_potential_widespread_malware_infection.toml
  Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>

---------

Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>