security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
93d71acb91c0d4aa57983323e565edacabe28b3d
sigma-rules/detection_rules
T
History
Terrance DeJesus 93d71acb91 [New Rule] Adding Detection for Stolen Credentials Used to Login to Okta Account After MFA Reset (#3265) 
* adding new rule 'Stolen Credentials Used to Login to Okta Account After MFA Reset'

* updated non-ecs; linted rule; updated description

* adjusted interval and maxspan

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

---------

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
2023-12-12 10:31:45 -05:00
..
etc
[New Rule] Adding Detection for Stolen Credentials Used to Login to Okta Account After MFA Reset (#3265)
2023-12-12 10:31:45 -05:00
schemas
[FR] 8.12 Release Preparation update Main Branch to 8.13 (#3313)
2023-12-11 14:58:06 -05:00
__init__.py
Update package and install process (#1948)
2022-12-08 15:49:49 -05:00
__main__.py
Move Rule into a dataclass (#1029)
2021-03-24 10:24:32 -06:00
attack.py
[FR] Adapt PyPi semver Library and Remove Custom (#2503)
2023-02-07 14:26:29 -05:00
beats.py
[Bug] Use integration schemas for required_field types (#3303)
2023-12-11 11:32:38 -06:00
cli_utils.py
[Bug] Create Rule CLI Crashes on Required Arg (#3127)
2023-09-28 14:28:13 -05:00
devtools.py
[FR] Adjust Prebuilt Rules Packaging to Use Elastic Package v3 (#3252)
2023-11-01 12:47:40 -04:00
docs.py
[FR] Generate Prebuilt Rules Reference Page (#2964)
2023-07-27 11:05:31 -05:00
ecs.py
[FR] Add Support for Multi-Fields and Validation in Rules (#2882)
2023-06-28 20:35:33 -04:00
endgame.py
add support for additional endgame field types (#2372)
2022-10-19 11:11:09 -04:00
eswrap.py
[FR] Add host family to data path (#2839)
2023-06-12 16:03:33 -04:00
ghwrap.py
Update package and install process (#1948)
2022-12-08 15:49:49 -05:00
integrations.py
[FR] 8.12 Release Preparation update Main Branch to 8.13 (#3313)
2023-12-11 14:58:06 -05:00
kbwrap.py
[Bug] Strip Non-Public Fields Prior to Uploading Rules (#2986)
2023-08-02 12:38:48 -05:00
main.py
[New Rule] File Compressed or Archived into Common Format (#3173)
2023-10-11 11:34:34 -07:00
mappings.py
Release ER Production RTAs to DR (#2270)
2022-09-08 12:50:39 -04:00
misc.py
[FR] Add Support for ES|QL Rule Type and Remote Validation (#3281)
2023-12-08 12:46:28 -07:00
mixins.py
[FR] Adapt PyPi semver Library and Remove Custom (#2503)
2023-02-07 14:26:29 -05:00
ml.py
Refactor experimental ML CLI and code (#1218)
2021-06-02 20:37:12 -08:00
navigator.py
[FR] Update build-release to support bbr release (#2987)
2023-07-31 15:20:18 -04:00
packaging.py
Adjust ESQLRuleData to Inherit QueryRuleData Dataclass (#3297)
2023-11-30 09:06:34 -05:00
remote_validation.py
[FR] Add Support for ES|QL Rule Type and Remote Validation (#3281)
2023-12-08 12:46:28 -07:00
rule_formatter.py
Validate markdown plugin fields (#2602)
2023-03-28 09:17:50 -04:00
rule_loader.py
[FR] Add support for BBR rules to the rule loader (#2968)
2023-07-27 11:27:04 -05:00
rule_validators.py
[FR] Add Support for ES|QL Rule Type and Remote Validation (#3281)
2023-12-08 12:46:28 -07:00
rule.py
[Bug] Use integration schemas for required_field types (#3303)
2023-12-11 11:32:38 -06:00
utils.py
[FR] Only supporting known compatible rule file types (#3167)
2023-10-11 11:43:42 -04:00
version_lock.py
[Bug][FR] Remove Rule Type Change Restriction and Fix Version Lock Bug (#2769)
2023-05-02 11:00:36 -04:00