Ruben Groenewoud | 6b84542093
[Rule Tuning] Linux DR Tuning - Part 5 (#4422)
* [Rule Tuning] Linux DR Tuning - Part 5
* Update rules/linux/persistence_xdg_autostart_netcon.toml
2025-02-03 13:53:53 +01:00

Mika Ayenson | fe8c81d762
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00

Ruben Groenewoud | b309bcb7ae
[Rule Tuning] Q2 Linux DR Tuning - Part 5 (#4166)
* [Rule Tuning] Q2 Linux DR Tuning - Part 5
* Update persistence_suspicious_ssh_execution_xzbackdoor.toml
* Update persistence_rpm_package_installation_from_unusual_parent.toml
2024-10-18 17:02:26 +02:00

Mika Ayenson | b80d8342d6
[Docs | Rule Tuning] Add blog references to rules (#4097)
* [Docs | Rule Tuning] Add blog references to rules
* Apply suggestions from code review
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
* Apply suggestions from code review
* Update google_workspace blog references
* add okta blog references
* Update dates
---------
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
2024-09-25 15:19:20 -05:00

Ruben Groenewoud | 21485b16fa
[Tuning & Changes] Misc rule/hunt tuning (#3875)
* [Tuning & Changes] Misc rule/hunt tuning
* Bump update_date
* ++
* Updated docs
2024-07-11 14:55:33 +02:00

Ruben Groenewoud | 6746a421c4
[New Rules] Yum Plugin Creation / Discovery (#3820)
* [New Rules] Yum Plugin Creation / Discovery
* Update discovery_yum_plugin_detection.toml
* Update and rename discovery_yum_plugin_detection.toml to discovery_yum_dnf_plugin_detection.toml
2024-06-25 16:14:28 +02:00