security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d7d8c414eca65e8cd416c75ff48633eac2b6d8c8
sigma-rules/rules/integrations
T
History
Terrance DeJesus 3ed820afa8 [New Rule] Adding Coverage for Azure Entra Password Spraying (Non-Interactive SFA) (#4523) 
* adding new rule 'Azure Entra Repeated Failed Sign-Ins via Non-Interactive Single-Factor Authentication'

* updating name

* added investigation guide

* updated investigation guide

* updated investigation guide

* removed unnecessary comment

* adjusted logic to count distinct on principal id; principal name will be in aggregations now

* updated Entra ID name
2025-03-11 11:25:10 -04:00
..
aws
[New Hunt] Adding Hunting Queries for AWS SNS exfiltration and data collection (#4458)
2025-02-20 10:53:36 -05:00
aws_bedrock
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
azure
[New Rule] Adding Coverage for Azure Entra Password Spraying (Non-Interactive SFA) (#4523)
2025-03-11 11:25:10 -04:00
azure_openai
[New Rules] Azure OpenAI (#3701)
2025-03-04 22:59:38 +05:30
beaconing
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
cloud_defend
Deprecation Notice to Cloud Defend Rules (#4520)
2025-03-07 00:20:00 -05:00
cyberarkpas
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
ded
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
dga
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
endpoint
[Rule Tuning] Decrease Interval to 1m for Endpoint Promotions (#4450)
2025-02-07 08:30:35 -06:00
fim
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
gcp
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
github
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
google_workspace
Fix spacing in Setup information (#4470)
2025-02-20 10:04:13 +05:30
kubernetes
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
lmd
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00
o365
[New Rule] Adding Coverage for M365 OneDrive Excessive File Downloads with OAuth Token (#4469)
2025-02-21 10:45:04 -05:00
okta
Fix spacing in Setup information (#4470)
2025-02-20 10:04:13 +05:30
problemchild
[FR] Generate investigation guides (#4358)
2025-01-22 11:17:38 -06:00