Terrance DeJesus b70bbe0841 [New Rule] Adding Detection for Stolen Credentials Used to Login to Okta Account After MFA Reset (#3265) ...

* adding new rule 'Stolen Credentials Used to Login to Okta Account After MFA Reset'

* updated non-ecs; linted rule; updated description

* adjusted interval and maxspan

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml

---------

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

(cherry picked from commit 93d71acb91)

2023-12-12 15:36:56 +00:00

..

etc

[New Rule] Adding Detection for Stolen Credentials Used to Login to Okta Account After MFA Reset (#3265)

2023-12-12 15:36:56 +00:00

schemas

[FR] 8.12 Release Preparation update Main Branch to 8.13 (#3313)

2023-12-11 20:02:56 +00:00

__init__.py

Update package and install process (#1948)

2022-12-08 15:49:49 -05:00

__main__.py

Move Rule into a dataclass (#1029)

2021-03-24 10:24:32 -06:00

attack.py

[FR] Adapt PyPi semver Library and Remove Custom (#2503)

2023-02-07 14:26:29 -05:00

beats.py

[Bug] Use integration schemas for required_field types (#3303)

2023-12-11 17:37:17 +00:00

cli_utils.py

[Bug] Create Rule CLI Crashes on Required Arg (#3127)

2023-09-28 19:33:57 +00:00

devtools.py

[FR] Adjust Prebuilt Rules Packaging to Use Elastic Package v3 (#3252)

2023-11-01 16:53:22 +00:00

docs.py

[FR] Generate Prebuilt Rules Reference Page (#2964)

2023-07-27 11:05:31 -05:00

ecs.py

[FR] Add Support for Multi-Fields and Validation in Rules (#2882)

2023-06-28 20:35:33 -04:00

endgame.py

add support for additional endgame field types (#2372)

2022-10-19 11:11:09 -04:00

eswrap.py

[FR] Add host family to data path (#2839)

2023-06-12 16:03:33 -04:00

ghwrap.py

Update package and install process (#1948)

2022-12-08 15:49:49 -05:00

integrations.py

[FR] 8.12 Release Preparation update Main Branch to 8.13 (#3313)

2023-12-11 20:02:56 +00:00

kbwrap.py

[Bug] Strip Non-Public Fields Prior to Uploading Rules (#2986)

2023-08-02 12:38:48 -05:00

main.py

[New Rule] File Compressed or Archived into Common Format (#3173)

2023-10-11 18:40:16 +00:00

mappings.py

Release ER Production RTAs to DR (#2270)

2022-09-08 12:50:39 -04:00

misc.py

[FR] Add Support for ES|QL Rule Type and Remote Validation (#3281)

2023-12-08 19:51:44 +00:00

mixins.py

[FR] Adapt PyPi semver Library and Remove Custom (#2503)

2023-02-07 14:26:29 -05:00

ml.py

Refactor experimental ML CLI and code (#1218)

2021-06-02 20:37:12 -08:00

navigator.py

[FR] Update build-release to support bbr release (#2987)

2023-07-31 15:20:18 -04:00

packaging.py

Adjust ESQLRuleData to Inherit QueryRuleData Dataclass (#3297)

2023-11-30 14:11:53 +00:00

remote_validation.py

[FR] Add Support for ES|QL Rule Type and Remote Validation (#3281)

2023-12-08 19:51:44 +00:00

rule_formatter.py

Validate markdown plugin fields (#2602)

2023-03-28 09:17:50 -04:00

rule_loader.py

[FR] Add support for BBR rules to the rule loader (#2968)

2023-07-27 11:27:04 -05:00

rule_validators.py

[FR] Add Support for ES|QL Rule Type and Remote Validation (#3281)

2023-12-08 19:51:44 +00:00

rule.py

[Bug] Use integration schemas for required_field types (#3303)

2023-12-11 17:37:17 +00:00

utils.py

[FR] Only supporting known compatible rule file types (#3167)

2023-10-11 15:49:41 +00:00

version_lock.py

[Bug][FR] Remove Rule Type Change Restriction and Fix Version Lock Bug (#2769)

2023-05-02 11:00:36 -04:00