security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
711 Commits 1 Branch 0 Tags
a534cd4e85d26460414e8622ce240c8569bb7ba0
Commit Graph

2 Commits

Author SHA1 Message Date
Justin Ibarra 07a7784659 Update cardinality field in schema for threshold rules (#1349) 
* Make cardinality array in schema for threshold rules
* update master, 7.12, 7.13, and 7.14 schemas with cardinality fix
* fix 7.12 downgrade to handle cardinality as an array

* Add two new rules to detect agent spoofing

Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>

(cherry picked from commit 163d9e3864)
 2021-07-21 16:33:59 +00:00
Justin Ibarra 781953a0a0 Add min_stack_version to rule metadata (#1173) 
* Add min_stack_version to metadata of rule structure
* validate all "stack versions" between defined and current package
* Use master schemas if min_stack_version > current_package

Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
 2021-06-30 13:26:27 -08:00