Isai 5073ef8be7 [Rule Tuning] AWS Security Group Configuration Change Detection (#1915) ...

* Update persistence_ec2_security_group_configuration_change_detection

Rule does not trigger as expected due to 'iam' provider. I changed the specified provider to 'ec2'.

* update to improve rule coverage

I edited this rule to include the deletion of an RDS Instance. This fills a current gap in coverage as we are able to detect the creation and stopping of RDS instances and clusters, but only detect deletion of RDS clusters.

* Revert "update to improve rule coverage"

This reverts commit b3b094274fe13c56908aa6781c8236de6e3b5380.

2022-04-07 14:47:09 -04:00

..

aws

[Rule Tuning] AWS Security Group Configuration Change Detection (#1915)

2022-04-07 14:47:09 -04:00

azure

Update impact_azure_service_principal_credentials_added.toml (#1802)

2022-03-02 05:36:21 -03:00

cyberarkpas

Add min_stack_comments to metadata schema (#1573)

2021-10-19 20:52:53 -08:00

endpoint

Add missing Integration field (#1537)

2021-10-26 12:05:12 -03:00

gcp

[Security Content] Update rules based on docs review (#1803)

2022-03-01 21:39:30 -03:00

google_workspace

[Rule Tuning] Update Google Workspace rules to remove compatibility with deprecated gsuite integration (#1706)

2022-01-25 16:51:20 -09:00

o365

[Security Content] Update rules based on docs review (#1803)

2022-03-01 21:39:30 -03:00

okta

Expand timestamp override tests (#1907)

2022-04-01 15:27:08 -08:00