security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c395d799b47f2e085bb13824b45b0d5d71d4d690
sigma-rules/rules/integrations
T
History
Nic 8b2c8c2e03 [Rule tuning] Azure Active Directory High Risk Sign-in (#1463) 
* Add Aggregated Risk Level
* There can be a risk_level_during_signin:low but have a risk_level_aggregated:high which is also just as concerning and must be alerted on.
* An example is a password spray attack and have a successful login. Which makes me consider a new rule for interesting risk event types
2021-08-30 14:33:44 -08:00
..
aws
[Rule Tuning] AWS Security Group Configuration Change Detection (#1426)
2021-08-14 20:34:13 -08:00
azure
[Rule tuning] Azure Active Directory High Risk Sign-in (#1463)
2021-08-30 14:33:44 -08:00
cyberarkpas
[Fleet] Track integrations in folder and metadata (#1372)
2021-07-21 15:24:56 -06:00
endpoint
Set min stack to 7.15 for Behavior Protection promotion
2021-08-26 08:53:02 -06:00
gcp
[Fleet] Track integrations in folder and metadata (#1372)
2021-07-21 15:24:56 -06:00
google_workspace
[Rule tuning] Revise rule description and other text (#1398)
2021-08-03 13:07:47 -08:00
o365
[Rule Tuning] Rule description tweaks (#1388)
2021-07-29 10:56:13 -08:00
okta
[Fleet] Track integrations in folder and metadata (#1372)
2021-07-21 15:24:56 -06:00