 Justin Ibarra
|
46d5e37b76
|
min_stack all rules to 8.3 (#2259)
* min_stack all rules to 8.3
* bump date
Co-authored-by: Mika Ayenson <mika.ayenson@elastic.co>
|
2022-08-24 10:38:49 -06:00 |
|
|
Justin Ibarra
|
0e0b2ea1a4
|
Update schema for threshold rule type for 7.12 (#976)
* Update schema for threshold rule type for 7.12
* add downgrade function to drop new fields
* update existing threshold rules
|
2021-03-05 14:35:50 -09:00 |
|
|
Justin Ibarra
|
3fc34b86f2
|
Update License to Elastic v2 (#944)
|
2021-03-03 22:12:11 -09:00 |
|
|
Samirbous
|
da949b0051
|
[New Rule] Potential SSH Bruteforce Detected (#538)
* [New Rule] Potential SSH Bruteforce Detected
* Update credential_access_potential_ssh_bruteforce.toml
* added parent process condition
* Update rules/macos/credential_access_potential_ssh_bruteforce.toml
Co-authored-by: Andrew Pease <7442091+peasead@users.noreply.github.com>
* spaces
* ecs_version
* Update rules/macos/credential_access_potential_ssh_bruteforce.toml
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
* Update rules/macos/credential_access_potential_ssh_bruteforce.toml
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
* Update rules/macos/credential_access_potential_ssh_bruteforce.toml
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
Co-authored-by: Andrew Pease <7442091+peasead@users.noreply.github.com>
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
|
2020-12-04 17:18:03 +01:00 |
|