sigma-rules/.github/paths-labeller.yml
Ross Wolf 3b338baab0 [New Rule] Endpoint Security Behavior Protection (#1440)
* [New Rule] Endpoint Security Behavioral Protection
* Update readme and labeler for endpoint integration
* Fix new rule to use event.code
* Fix old rule to use event.code
* Changed from behavioral to behavior
* Rename elastic_endpoint_security_behavioral.toml to elastic_endpoint_security_behavior_protection.toml
* Back from the future (updated_date)

Co-authored-by: David French <56409778+threat-punter@users.noreply.github.com>
2021-08-25 09:56:59 -06:00


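---
# Path-to-label map. Each top-level entry is a single-key mapping from a label
# name to the list of glob patterns that select files for that label.
# The glob lists must stay nested under their label: at the same indent as the
# label, each glob parses as its own top-level entry and the label maps to null.
# Some globs are listed under more than one label on purpose (for example
# rules/linux/** under both "Domain: Endpoint" and "OS: Linux").

# repository tooling and docs
- "documentation":
  - "./**/*.md"
- "schema":
  - "detection_rules/beats.py"
  - "etc/beats_schemas/**/*"
  - "detection_rules/ecs.py"
  - "etc/ecs_schemas/**/*"
  - "etc/api_schemas/**/*"
  - "detection_rules/schemas/**/*"
- "python":
  - "detection_rules/**/*.py"
  - "kibana/**/*.py"
  - "kql/**/*.py"
- "RTA":
  - "rta/**/*"

# rules
# Domain labels group rule directories by where the telemetry comes from.
# NOTE(review): rules/integrations/crowdstrike and rules/integrations/endpoint
# have "Integration:" labels below but are listed under no "Domain:" label;
# confirm that is intended, so rule changes there are not missed when triaging
# by domain.
- "Domain: Cloud":
  - "rules/integrations/aws/**/*.toml"
  - "rules/integrations/azure/**/*.toml"
  - "rules/integrations/cyberarkpas/**/*.toml"
  - "rules/integrations/gcp/**/*.toml"
  - "rules/integrations/google_workspace/**/*.toml"
  - "rules/integrations/o365/**/*.toml"
  - "rules/integrations/okta/**/*.toml"
- "Domain: Endpoint":
  - "rules/windows/**/*.toml"
  - "rules/linux/**/*.toml"
  - "rules/macos/**/*.toml"

# ML rules are selected by directory and by the ml_ filename prefix anywhere
# under rules/.
- "ML":
  - "rules/ml/**/*.toml"
  - "rules/**/ml_*.toml"

# One label per operating-system rule directory.
- "OS: Linux":
  - "rules/linux/**/*.toml"
- "OS: macOS":
  - "rules/macos/**/*.toml"
- "OS: Windows":
  - "rules/windows/**/*.toml"

# One label per directory under rules/integrations/.
- "Integration: AWS":
  - "rules/integrations/aws/**/*.toml"
- "Integration: Azure":
  - "rules/integrations/azure/**/*.toml"
- "Integration: Crowdstrike":
  - "rules/integrations/crowdstrike/**/*.toml"
- "Integration: CyberArkPas":
  - "rules/integrations/cyberarkpas/**/*.toml"
- "Integration: Endpoint":
  - "rules/integrations/endpoint/**/*.toml"
- "Integration: GCP":
  - "rules/integrations/gcp/**/*.toml"
- "Integration: Google Workspace":
  - "rules/integrations/google_workspace/**/*.toml"
- "Integration: Microsoft 365":
  - "rules/integrations/o365/**/*.toml"
- "Integration: Okta":
  - "rules/integrations/okta/**/*.toml"

# Anything moved into the deprecated rules directory, regardless of extension.
- "Rule: Deprecation":
  - "rules/_deprecated/**/*"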