security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,694 Commits 1 Branch 0 Tags
fbddc2e659fabfb229dfc8ae56a3cd4dcbe20968
Commit Graph

4 Commits

Author SHA1 Message Date
shashank-elastic 059d7efa25 Prep for Release 9.0 (#4550) 2025-03-20 20:32:07 +05:30
Mika Ayenson fe8c81d762 [FR] Generate investigation guides (#4358) 2025-01-22 11:17:38 -06:00
Terrance DeJesus 06319b7a13 [Rule Tuning] Add KEEP Command to all ES|QL Rules (#4146) 
* updating ES|QL rules to include KEEP command

* fixed some ES|QL rules with typos; added validation for KEEP command

* fixed ES|QL errors from missing fields

* fixed flake errors

* updated date

* added best practices to hunt docs
 2024-10-09 21:08:38 -04:00
Jonhnathan 11dca27974 [New Rule] Potential Widespread Malware Infection (#3656) 
* [New Rule] Potential Widespread Malware Infection

* Update potential_widespread_malware_infection.toml

* .

* Update execution_potential_widespread_malware_infection.toml

* Update rules/cross-platform/execution_potential_widespread_malware_infection.toml

Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>

* Update rules/cross-platform/execution_potential_widespread_malware_infection.toml

Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>

---------

Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>
 2024-05-10 13:51:04 -03:00