sigma-rules

Files

T

Isai d47d87386c [Rule Tuning] AWS RDS Snapshot Restored (#3809 )

* [Tuning] AWS RDS Instance Restored

-name and description change to better describe behavior
- rule file name changed to match tactic
- query change to add coverage for restore from S3
- rule type changed to eql
- subtechnique added for creaing instance
- tag added for RDS datasource
- Investigation Guide added

* Update defense_evasion_rds_instance_restored.toml

* Update defense_evasion_rds_instance_restored.toml

* removed investigation guide place holder

* deprecated old rule because of name change

* change rule_id

* Revert "change rule_id"

This reverts commit 0764c932f412439319e2d15a6bd80c360cf3fdc2.

* Revert "deprecated old rule because of name change"

This reverts commit fd62673380b40ba9ee432a271da3a8c5374e7129.

(cherry picked from commit f62644887e)

2024-06-29 00:46:01 +00:00

aws

[Rule Tuning] AWS RDS Snapshot Restored (#3809 )

2024-06-29 00:46:01 +00:00

azure

Back-porting Version Trimming (#3704 )

2024-05-22 19:18:10 +00:00

beaconing

Add exceptions to C2 Beaconing Activity (#3771 )

2024-06-11 13:17:09 +00:00

cloud_defend

Back-porting Version Trimming (#3704 )