sigma-rules

Files

T

Jonhnathan edef90b3ec [Security Content] Add Investigation Guides to Cloud Rules - AWS (#2104 )

* [Security Content] Add Investigation Guides to Cloud Rules - AWS

* Apply suggestion from review

* Update rules/integrations/aws/exfiltration_ec2_snapshot_change_activity.toml

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

* Update rules/integrations/aws/impact_cloudwatch_log_stream_deletion.toml

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

* Apply suggestions from review

* Apply suggestions from code review

Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>

* .

* Applies suggestions from the https://github.com/elastic/detection-rules/pull/2124 PR

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>

(cherry picked from commit d854b943e5)

2022-07-20 15:30:04 +00:00

aws

[Security Content] Add Investigation Guides to Cloud Rules - AWS (#2104 )

2022-07-20 15:30:04 +00:00

azure

2058 add setup field to metadata (#2061 )

2022-07-18 21:25:32 +00:00

cyberarkpas

2058 add setup field to metadata (#2061 )

2022-07-18 21:25:32 +00:00

endpoint

Linux Shell Evasion Rule Tuning (#1878 )