4 Commits

Author SHA1 Message Date
Mika Ayenson, PhD 9999336f5e [Rule Tuning] Misc GenAI Rules (#5929) 2026-04-08 07:05:35 -05:00
Mika Ayenson, PhD 8993d1450b [Rule Tuning] Add Supplemental Mitre Mappings (#5876)
---------

Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
Co-authored-by: Isai <59296946+imays11@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>
2026-04-01 09:12:42 -05:00
Mika Ayenson, PhD 721ef0b9c7 [Rule Tuning] Misc GenAI Tuning (#5825)
* tune credential_access_genai_process_sensitive_file_access.toml to reduce 74% noise on local state

* tune defense_evasion_genai_config_modification.toml to conservatively reduce noise by 19% on file.path

* tune command_and_control_genai_process_unusual_domain.toml to reduce 34% noise by domains

* tune execution_openclaw_agent_child_process.toml to address 99% of noise with ip/arp
2026-03-11 11:46:33 -05:00
Mika Ayenson, PhD 94c17dff59 [New Rule] Execution via OpenClaw Agent (#5666) 2026-02-04 14:02:52 -06:00