sigma-rules

Author	SHA1	Message	Date
Ruben Groenewoud	11168606d5	[Tuning] event.action and event.type change (#3495 ) Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> (cherry picked from commit `9f8638a004`)	2024-03-13 09:16:45 +00:00
Jonhnathan	9101dfc064	[Security Content] Small tweaks on the setup guides (#3308 ) * [Security Content] Small tweaks on the setup guides * Additional Fixes * Avoid touching deprecated rules (cherry picked from commit `458e67918a`)	2024-03-11 12:15:22 +00:00
Ruben Groenewoud	2f18b54ac8	[Tuning] Auditbeat event.action Compatibility (#3471 ) Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com> (cherry picked from commit `83abf8d42c`)	2024-03-06 14:34:12 +00:00
Ruben Groenewoud	5b8b6c4450	[Tuning] Linux DR Tuning - Part 2 (#3453 ) * [Tuning] Linux DR Tuning - Part 2 * Update defense_evasion_binary_copied_to_suspicious_directory.toml * Update defense_evasion_base16_or_base32_encoding_or_decoding_activity.toml (cherry picked from commit `0e48747aa6`)	2024-02-20 13:22:50 +00:00
shashank-elastic	8fee26a296	Enhance Setup Guide information (#3256 ) (cherry picked from commit `d52546eee5`)	2023-11-03 13:42:18 +00:00
Ruben Groenewoud	9bda5bd276	[New Rule] Attempt to Clear Kernel Ring Buffer (#3217 ) * [New Rule] Attempt to Clear Kernel Ring Buffer * Update defense_evasion_clear_kernel_ring_buffer.toml --------- Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com> (cherry picked from commit `618a1dbe06`)	2023-10-30 08:43:33 +00:00

6 Commits