 shashank-elastic
|
18fcd83683
|
Back-porting Version Trimming (#3704)
(cherry picked from commit 63e91c2f12)
|
2024-05-22 19:18:10 +00:00 |
|
|
Ruben Groenewoud
|
11168606d5
|
[Tuning] event.action and event.type change (#3495)
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
(cherry picked from commit 9f8638a004)
|
2024-03-13 09:16:45 +00:00 |
|
|
Jonhnathan
|
9101dfc064
|
[Security Content] Small tweaks on the setup guides (#3308)
* [Security Content] Small tweaks on the setup guides
* Additional Fixes
* Avoid touching deprecated rules
(cherry picked from commit 458e67918a)
|
2024-03-11 12:15:22 +00:00 |
|
|
Ruben Groenewoud
|
e037d57c82
|
[New Rules] DDExec Analysis (#3408)
* [New Rules] DDExec Analysis
* Increased rule scope
* [New Rule] Dynamic Linker Discovery via od
* Revert "[New Rule] Dynamic Linker Discovery via od"
This reverts commit c58595b77f517d3f236a64a52c38804253db64cc.
* [New Rule] Dynamic Linker Discovery via od
* [New Rule] Potential Memory Seeking Activity
* [New BBR] Suspicious Memory grep Activity
* Added endgame + auditd_manager support
* Removed auditd_manager support for now
* Removed auditd_manager support for now
* Update discovery_suspicious_memory_grep_activity.toml
---------
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
(cherry picked from commit d41855a2ac)
|
2024-02-06 13:53:27 +00:00 |
|