065bcd8018
Refresh ATT&CK data to v7.2 and expand threat validation ( #330 )
...
* refresh to latest ATT&CK 7.2
* add new unit test to further validate threat mappings
* updated threat mappings in rules to reflect changes
* new func to download and refresh mitre data based on version
2020-09-23 22:03:29 -08:00
79a0dfefbe
Add ECS 1.6.0 schema for validation testing ( #220 )
...
* Add ecs 1.6.0 and refresh master ecs (2.0.0)
* update rule metadata to use ecs_version 1.6.0
2020-08-27 11:54:49 -05:00
680a04da8f
Fix terminology and doc links ( #54 )
2020-07-13 12:47:42 -06:00
e0f2e8b4a9
Add dataset and index to network rules ( #15 )
...
* Add dataset and index to network rules
* Restore iptables changes
* Fix beats parsing logic
* Updated date and ECS version
* Only update modules if empty
Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com >
Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com >
2020-07-08 13:19:35 -06:00
1fac018f10
Update MySQL port to 3306 not 3336 ( #2 )
2020-07-01 09:52:04 -06:00
5fcece8416
Populate rules/ directory.
...
Co-Authored-By: Brent Murphy <56412096+bm11100@users.noreply.github.com >
Co-Authored-By: Craig Chamberlain <randomuserid@users.noreply.github.com >
Co-Authored-By: David French <56409778+threat-punter@users.noreply.github.com >
Co-Authored-By: Derek Ditch <dcode@users.noreply.github.com >
Co-Authored-By: Justin Ibarra <brokensound77@users.noreply.github.com >
2020-06-29 22:57:03 -06:00
Justin Ibarra