sigma-rules/rules/integrations/problemchild at 748ee853399db91ae31e49d5ba57ba607a1baed4 - sigma-rules - GreySec Git

security-tools/sigma-rules

Files

T

History

Susan d8a39869c5 Add Entity related integrations ML rules with _ea job IDs and min_stack_version 9.4.0 (#5909 )

Co-authored-by: Shashank K S <Shashank.Suryanarayana@elastic.co>

2026-04-22 17:36:35 +05:30

..

defense_evasion_ml_rare_process_for_a_host.toml

Add Entity related integrations ML rules with _ea job IDs and min_stack_version 9.4.0 (#5909 )

2026-04-22 17:36:35 +05:30

defense_evasion_ml_rare_process_for_a_parent_process.toml

Add Entity related integrations ML rules with _ea job IDs and min_stack_version 9.4.0 (#5909 )

2026-04-22 17:36:35 +05:30

defense_evasion_ml_rare_process_for_a_user.toml

Add Entity related integrations ML rules with _ea job IDs and min_stack_version 9.4.0 (#5909 )

2026-04-22 17:36:35 +05:30

defense_evasion_ml_suspicious_windows_event_high_probability.toml

[Rule Tuning] Machine Learning Detected a Suspicious Windows Event with a High Malicious Probability Score (#5523 ) (#5686 )

2026-02-05 15:54:26 -05:00

defense_evasion_ml_suspicious_windows_event_low_probability.toml

[Tuning] Diverse Rules Tuning (#5482 )

2025-12-18 15:30:12 +00:00

defense_evasion_ml_suspicious_windows_process_cluster_from_host.toml

Add Entity related integrations ML rules with _ea job IDs and min_stack_version 9.4.0 (#5909 )

2026-04-22 17:36:35 +05:30

defense_evasion_ml_suspicious_windows_process_cluster_from_parent_process.toml

Add Entity related integrations ML rules with _ea job IDs and min_stack_version 9.4.0 (#5909 )

2026-04-22 17:36:35 +05:30

defense_evasion_ml_suspicious_windows_process_cluster_from_user.toml

Add Entity related integrations ML rules with _ea job IDs and min_stack_version 9.4.0 (#5909 )

2026-04-22 17:36:35 +05:30