security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d1e9247bd40522f9e71014997fdd2018bd14d8d2
sigma-rules/rules/integrations
T
History
Isai 11468edab6 [Rule Tuning] AWS EC2 Unauthorized Admin Credential Fetch via Assumed Role (#4774) 
* [Rule Tuning] AWS EC2 Unauthorized Admin Credential Fetch via Assumed Role

- Edited Rule Name, Description, and Investigation Guide to better align with the behavior captured by this rule
- adjusted execution window
- added highlighted fields

* adding account id to highlighted fields

adding account id to highlighted fields

* changing AWS EC2 tag for consistency across EC2 rules

changing AWS EC2 tag for consistency across EC2 rules
2025-06-06 15:08:48 -04:00
..
aws
[Rule Tuning] AWS EC2 Unauthorized Admin Credential Fetch via Assumed Role (#4774)
2025-06-06 15:08:48 -04:00
aws_bedrock
Prep for Release 9.0 (#4550)
2025-03-20 20:32:07 +05:30
azure
new rule for bloodhound user agents (#4769)
2025-06-04 09:11:13 -04:00
azure_openai
Add investigation guides (#4600)
2025-04-07 20:55:39 +05:30
beaconing
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
cyberarkpas
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
ded
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
dga
[Rule Tuning] Reduce Severity from Critical to High (#4637)
2025-05-06 21:37:47 +05:30
endpoint
Update Max signals value to supported limits (#4556)
2025-03-27 09:02:25 +05:30
fim
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
gcp
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
github
Prep for Release 9.0 (#4550)
2025-03-20 20:32:07 +05:30
google_workspace
Fix spacing in Setup information (#4470)
2025-02-20 10:04:13 +05:30
kubernetes
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
lmd
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
o365
[New Rule] Microsoft 365 Suspicious Inbox Rule to Delete or Move Emails (#4743)
2025-06-02 10:02:18 -04:00
okta
Fix spacing in Setup information (#4470)
2025-02-20 10:04:13 +05:30
pad
Min stack rules from 4516 (#4549)
2025-03-19 20:27:30 -04:00
problemchild
Prep main for 9.1 (#4555)
2025-03-26 11:04:14 -04:00