Jonhnathan
9981cca275
[Security Content] Investigation Guides Line breaks refactor (#2454)
...
* [Security Content] Investigation Guides Line breaks refactor (#2412)
* [Security Content] Investigation Guides Line break refactor
* undo updated_date bump on deprecated rules
* Remove duplicated key
* Remove changes to deprecated rules
* Update command_and_control_certutil_network_connection.toml
2023-01-09 13:28:10 -03:00
Terrance DeJesus
b1a689b6fd
Revert "[Security Content] Investigation Guides Line breaks refactor (#2412)" (#2453)
...
This reverts commit d1481e1a88.
2023-01-09 10:44:54 -05:00
Jonhnathan
d1481e1a88
[Security Content] Investigation Guides Line breaks refactor (#2412)
...
* [Security Content] Investigation Guides Line break refactor
* undo updated_date bump on deprecated rules
* Remove duplicated key
2023-01-09 11:56:39 -03:00
Terrance DeJesus
b00de3e445
[Rule Tuning] adjust duplicate ssh brute force rule names and add unit test (#2321)
...
* added unit test for duplicate rule names
* adjusted macos file name and updated date values
* removed unit test and added assertion error in rule loader
* addressed flake errors
* addressed flake errors
* Update rules/linux/credential_access_potential_linux_ssh_bruteforce.toml
2022-09-26 10:04:38 -04:00
shashank-elastic
2f062ecf84
Add investigation guides (#2326)
2022-09-23 20:18:48 +05:30
shashank-elastic
725f7f3480
Linux rule to detect potential ssh brute force attack (#2291)
...
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
2022-09-19 20:26:18 +05:30