security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3e0a9ec47bed22e9ee65ba9877b9a5fbc64ec267
sigma-rules/rules/integrations
T
History
Terrance DeJesus 3e0a9ec47b [Rule Tuning] Potential Microsoft 365 User Account Brute Force (#4716) 
* tuning M365 brute force rule

* updated logic

* updated references

* adds minstack for values

* removed ignoring MSFT ASN

* Update rules/integrations/o365/credential_access_microsoft_365_potential_user_account_brute_force.toml

Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>

---------

Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>
Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
2025-05-19 14:08:38 -04:00
..
aws
[New Rule] Adding Coverage for AWS S3 Static Site JavaScript File Uploaded (#4617)
2025-04-30 16:25:03 -04:00
aws_bedrock
Prep for Release 9.0 (#4550)
2025-03-20 20:32:07 +05:30
azure
[New Rule] Suspicious Email Access by First-Party Application via Microsoft Graph (#4704)
2025-05-09 20:49:08 -04:00
azure_openai
Add investigation guides (#4600)
2025-04-07 20:55:39 +05:30
beaconing
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
cyberarkpas
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
ded
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
dga
[Rule Tuning] Reduce Severity from Critical to High (#4637)
2025-05-06 21:37:47 +05:30
endpoint
Update Max signals value to supported limits (#4556)
2025-03-27 09:02:25 +05:30
fim
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
gcp
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
github
Prep for Release 9.0 (#4550)
2025-03-20 20:32:07 +05:30
google_workspace
Fix spacing in Setup information (#4470)
2025-02-20 10:04:13 +05:30
kubernetes
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
lmd
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
o365
[Rule Tuning] Potential Microsoft 365 User Account Brute Force (#4716)
2025-05-19 14:08:38 -04:00
okta
Fix spacing in Setup information (#4470)
2025-02-20 10:04:13 +05:30
pad
Min stack rules from 4516 (#4549)
2025-03-19 20:27:30 -04:00
problemchild
Prep main for 9.1 (#4555)
2025-03-26 11:04:14 -04:00